[Vpn-help] No IPSEC SA after ISAKMP
Matthew Grooms
mgrooms at shrew.net
Fri Oct 19 18:52:31 CDT 2007
David Santinoli wrote:
>
> Hi Matthew,
> I've just done a test run with the 2.0.2 client, but the
> "NAT-Traversal: Only 0 NAT-D - Aborting NAT-Traversal negociation"
> message still shows up in the Pluto log, and the IPSEC SA does not get
> established. The situation looks the same as before, including that
> trivial Client Netmask vanishing bug.
> And yes, I'm sure I'm using the new 2.0.2. :-)
>
I looked further into the NAT-D issue and there was in fact a problem in
main mode. I was looking at aggressive mode before. Sorry about that. I
also back ported the fix for the Client Netmask bug. Forgot about that
as well :/
> Unrelated to this, I would like to ask two questions:
>
> - Will the Windows client ever be released as open source?
>
I would like to eventually. Sorry I can't be more specific than that.
> - I think it would be nice to include the certificates and the private
> key in the configuration file (the client by TheGreenBow does so),
> as this would greatly ease the configuration by the end-user.
> Any plans for developing such a feature?
>
I had thought about this before but forgot to put it on the road map.
Will add this for 2.1 as I agree it is a very good idea.
Please try the updated the package. If you still experiencing problems
please send debug output as before. I would like to get these issues
worked out this weekend if possible.
Thanks again,
-Matthew
More information about the vpn-help
mailing list