[Vpn-help] vpn-release-1.1 communicate with racoon problem

[Matthew Grooms]

Zhao,

Thanks for trying out the VPN Client. If you see esp packets being
emitted from the client ( passing both phase1 and phase2 ), it is very
likely close to working.

To start, it would be a good idea to reconfigure your client address
range to start with .1 instead of .0 as this can cause problems. I will
see if I can sneak in an ipsec-tools fix to prevent this from happening
before we branch for 0.7.

For example ...

mode_cfg {
	pool_size 253;
	network4 192.168.1.1;
	netmask4 255.255.255.0;
	dns4 192.168.20.1;
	auth_source system;
}

Also, does your debian gateway have selinux or a firewall like iptables
installed? As for the certificate verification not working, could you
run racoon with the -d option and forward me the relevant debug output
regarding this issue.

Thanks,

-Matthew