Ubuntu Linux laptop roadwarrior to IPCop VPN 1.4.6

Frederic Soulier frederic at wallaby.uklinux.net
Fri Jul 22 12:27:34 UTC 2005


coaxx wrote:
> thank U but it does not work for me. I can connect from a Windows Xp
> client but not from kubuntu Hoary with openswan installed.

Ah well, it was bound to not work for some people ;)
What's your setup?
Is your VPN setup on the BLUE interface for the Wireless network? If
yes, I haven't tried that so can't comment.

At least another person (using Gentoo) used my setup and it worked 1st
time as well.
The info I gave are to connect from a client to the VPN running on the
RED interface on the IPCop 1.4.6 to access the GREEN network.


> 
> 
> Here are the logs on my VPN Server (ipcop)
> 
> 
> 
> 
> Code:
> --------------------
>     
> 
>   ipcop pluto[913]: packet from 192.168.254.198:500: received Vendor ID payload [Dead Peer Detection]
> 
>   ipcop pluto[913]: "bluevpn" #37: responding to Main Mode
> 
>   1 ipcop pluto[913]: "bluevpn" #37: transition from state (null) to state STATE_MAIN_R1
> 
>   ipcop pluto[913]: "bluevpn" #37: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> 
>   ipcop pluto[913]: "bluevpn" #37: byte 2 of ISAKMP Identification Payload must be zero, but is not
> 
>   ipcop pluto[913]: "bluevpn" #37: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet
> 
>   ipcop pluto[913]: "bluevpn" #37: sending notification PAYLOAD_MALFORMED to 192.168.254.198:500
> 
>   ipcop pluto[913]: "bluevpn" #37: byte 2 of ISAKMP Identification Payload must be zero, but is not
> 
>   ipcop pluto[913]: "bluevpn" #37: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet
> 
>   ipcop pluto[913]: "bluevpn" #37: sending notification PAYLOAD_MALFORMED to 192.168.254.198:500
> 
>   ipcop pluto[913]: "bluevpn" #37: max number of retransmissions (2) reached STATE_MAIN_R2 [/color]
> 
>   
> --------------------
> 
> 
> 
> 
> And this is what is shown during connection process in kubuntu (last
> message repeats all 20 sec)
> 
> 
> 
> 
> Code:
> --------------------
>     
> 
>   uwe at 5200-801:~$ sudo ipsec auto --up localvpn
> 
>   104 "localvpn" #1: STATE_MAIN_I1: initiate
> 
>   003 "localvpn" #1: received Vendor ID payload [Dead Peer Detection]
> 
>   106 "localvpn" #1: STATE_MAIN_I2: sent MI2, expecting MR2
> 
>   108 "localvpn" #1: STATE_MAIN_I3: sent MI3, expecting MR3
> 
>   003 "localvpn" #1: discarding duplicate packet; already STATE_MAIN_I3
> 
>   010 "localvpn" #1: STATE_MAIN_I3: retransmission; will wait 20s for response
> 
>   
> --------------------
> 
> 
> 
> 
> 
> 
> By trhe way:
> 
> 
> 
> this will not work here (complains about incoplete conn config during
> ipsec start)
> 
> 
> 
> 
> 
>>conn block
> 
> 
>>auto=ignore
> 
> 
> 
>>conn private
> 
> 
>>auto=ignore
> 
> 
> 
>>conn private-or-clear
> 
> 
>>auto=ignore
> 
> 
> 
>>conn clear-or-private
> 
> 
>>auto=ignore
> 
> 
> 
>>conn clear
> 
> 
>>auto=ignore
> 
> 
> 
>>conn packetdefault
> 
> 
>>auto=ignore
> 
> 
> 
> 


-- 

Frederic Soulier <frederic at wallaby.uklinux.net>
OpenPGP key available on http://www.keyserver.net
1024D/BA6700ED   49A6 8E8E 4230 8D41 1ADE  B649 3203 1DD2 BA67 00ED




More information about the ubuntu-users mailing list