[Vpn-help] Shrew 2.1.0-alpha4 on Ubuntu Feisty against Sidewinder VPN

[mgrooms]

On Sat, 22 Dec 2007 14:41:25 -0600, "Don Seiler" <don at seiler.us> wrote:
> I'm using the ikea GUI.  When I hit "Connect", it launches a new
> window (ikec?), I enter my username password as I had used in racoon.
> 
> One note:  In racoon, I had to specify a pre_shared_key file that
> contained the username/password in a single line.  Then in the remote
> config I used xauth_login to refer to this line.  The
> authentication_method was still xauth_rsa_client.
> 

Right. The "Mutual RSA + XAuth" option is the equivalent authentication
method in the Shrew Soft Client. The username and password used in the ikec
program will be the equivalent of the pre_shared_key file entries.

> Another question, does shrew support pkcs12 files directly?  The
> online docs indicate that you do, but the file browser to select certs
> didn't list .p12 as a suffix.  I had been converting my .p12 private
> key to a .pem file.  The other certs were supplied by MIS as .pem
> already.
> 

Yes, pkcs12 files are supported. I need to update the ikea program to make
this more clear. The file type is listed as an option on the windows site
configuration gui but apparently not on the unix version. If you have a
single file that includes the Certificate Authority, Client Certificate and
Private Key data, you can just specify the same file for all three entries
in the authentication tab. If the file has password protected contents, you
will be prompted for this at connect time.

Thanks,

-Matthew