[Vpn-help] shrewsoft <-> openswan not working with PSK+XAUTH
hiren joshi
joshihirenn at gmail.com
Thu May 8 07:00:32 CDT 2008
Hello,
I am not able to establish a connection with following configuration:
Client: ShrewSoft 2.0.3
Server: Openswan-2.4.8
Auth Method: PSK+XAUTH
Analyzing the log I found:
Openswan do not send value of XAUTH_TYPE attribute as per:
http://www.vpnc.org/ietf-xauth/draft-beaulieu-ike-xauth-02.txt. Which says -
XAUTH-TYPE - The type of extended authentication requested whose
values are described in the next section. This is an optional
attribute for the ISAKMP_CFG_REQUEST and ISAKMP_CFG_REPLY messages.
If the XAUTH-TYPE is not present, then it is assumed to be Generic.
However, Shrewsoft vpn client expects the value of XAUTH_TYPE attribute (see
below log).
Perhaps it is following:
http://tools.ietf.org/html/draft-ietf-ipsec-isakmp-xauth-03. Which says -
XAUTH_TYPE - The type of extended authentication requested whose
values are described in the next section. This is a mandatory
attribute for the ISAKMP_CFG_REQUEST and ISAKMP_CFG_REPLY
messages.
Shrewsoft Vpn Client Log:
!! : missing required xauth type attribute
Is there any workaround/patch available?
Thanks for your time.
-hiren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20080508/fee841b2/attachment-0001.html>
More information about the vpn-help
mailing list