[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [NETVAERK] IPCOP 1.4.2 - Windows/XP ?



Filip Stadler wrote:
Er sådan set stadig mit problem og jeg over vejer nu de andre muligheder end PSK, men hvordan dælen for jeg så konventeret de certifikater som min ipcop's pem filer har lavet til noget som kan læses ind i Microsoft MMC ?


- Jeg tænker på mmc har en mulighed for import af .PFX .P12 og .P7B samt .sst og de skal vel laves ud fra indeholdet af .PEM filerne på ipcop.

Det er ved at blive en dårlige vane - at besvare sine egne spørgsmål men på den anden side når igen andre svare, så er det jo næsten pinligt at spørge :-)


Jeg fandt jo ud af - jeg bare sku lave certificat i IPCOP 1.4.2 også downloade det derfra også fik jeg en korrekt fil som bare lige var til at importere via mcc eller andet.

Ok, det ændre nu stadig ikke på mit problem med at få det til at virke både med PSK løsning eller med certifikat :-) nu får den godt nok overført certifikatet men ikke helt perfekt endnu og måske har jet et NAT problem på routeren også.


8:37:24 pluto[3341] "genvej2" #14: responding to Main Mode
08:37:24 pluto[3341] "genvej2" #14: transition from state (null) to state STATE_MAIN_R1
08:37:25 pluto[3341] "genvej2" #14: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
08:37:25 pluto[3341] "genvej2" #14: ignoring informational payload, type IPSEC_INITIAL_CONTACT
08:37:25 pluto[3341] "genvej2" #14: Main mode peer ID is ID_IPV4_ADDR: '192.168.2.101'
08:37:25 pluto[3341] "genvej2" #14: end certificate with identical subject and issuer not accepted
08:37:25 pluto[3341] "genvej2" #14: X.509 certificate rejected
08:37:25 pluto[3341] "genvej2" #14: no suitable connection for peer '192.168.2.101'
08:37:25 pluto[3341] "genvej2" #14: sending notification INVALID_ID_INFORMATION to 80.197.58.159:500
08:37:29 pluto[3341] "genvej2" #13: max number of retransmissions (2) reached STATE_MAIN_I3. Possible authentication failure: no acceptable response to our first encrypted message


08:37:29 pluto[3341] "genvej2" #15: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: peer is NATed
08:37:29 pluto[3341] "genvej2" #15: Warning: peer is NATed but source port is still udp/500. Ipsec-passthrough NAT device suspected -- NAT-T may not work.
08:37:29 pluto[3341] "genvej2" #15: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
08:37:29 pluto[3341] "genvej2" #15: Main mode peer ID is ID_IPV4_ADDR: '192.168.2.101'
08:37:29 pluto[3341] "genvej2" #15: we require peer to have ID 'C=DK, O=stadler.dk, CN=blegos', but peer declares '192.168.2.101'
08:37:29 pluto[3341] "genvej2" #15: sending notification INVALID_ID_INFORMATION to 80.197.58.159:500



Nu har jeg vidst KUN 2 problemer tilbage.


Mit certifikat også NAT-T may not work.

Den router jeg har foran XP VPN, har jeg åbnet port 500 UDP på samt port 4500 men måske har den et problem.

Nogle forslag ?

Med Venlig Hilsen
Filip Stadler




 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2005-08-10, 22:42 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *