[Vpn-help] New 2.2.0 alpha available ...
Tai-hwa Liang
avatar at mmlab.cse.yzu.edu.tw
Mon Oct 27 21:44:25 CDT 2008
On Mon, 27 Oct 2008, Matthew Grooms wrote:
> All,
>
> I just posted a 2.2.0 alpha 1 release on the download page. Unlike a
> stable release, it contains new features and aggressive changes for
> those interested in testing or early adoption. Here is a brief synopsis
> of one of the more interesting new features ...
[...]
>
X509 based authentication doesn't seem to work in this version. Follow
are the relevant server logs(OpenSSL 0.9.7e-p1 + ipsec-tools 0.7.1):
Oct 28 10:36:40 vpn-gw racoon: INFO: respond new phase 1 negotiation: aa.bb.cc.dd[500]<=>ww.xx.yy.zz[500]
Oct 28 10:36:40 vpn-gw racoon: INFO: begin Aggressive mode.
Oct 28 10:36:40 vpn-gw racoon: INFO: received broken Microsoft ID: FRAGMENTATION
Oct 28 10:36:40 vpn-gw racoon: INFO: received Vendor ID: DPD
Oct 28 10:36:40 vpn-gw racoon: INFO: received Vendor ID: CISCO-UNITY
Oct 28 10:36:41 vpn-gw racoon: ERROR: 943:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_pk1.c:100: 943:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_eay.c:625:
Oct 28 10:36:41 vpn-gw racoon: ERROR: Invalid SIG.
Oct 28 10:36:41 vpn-gw racoon: ERROR: ignore information because ISAKMP-SAhas not been established yet.
Oct 28 10:36:41 vpn-gw racoon: WARNING: Short payload
Oct 28 10:36:46 vpn-gw racoon: WARNING: Short payload
Oct 28 10:36:50 vpn-gw racoon: ERROR: 943:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_pk1.c:100: 943:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_eay.c:625:
Oct 28 10:36:50 vpn-gw racoon: ERROR: Invalid SIG.
Oct 28 10:36:51 vpn-gw racoon: WARNING: Short payload
Oct 28 10:36:56 vpn-gw racoon: WARNING: Short payload
Oct 28 10:36:56 vpn-gw racoon: ERROR: ignore information because ISAKMP-SAhas not been established yet.
Oct 28 10:37:00 vpn-gw racoon: ERROR: 943:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_pk1.c:100: 943:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_eay.c:625:
Oct 28 10:37:00 vpn-gw racoon: ERROR: Invalid SIG.
Oct 28 10:37:01 vpn-gw racoon: WARNING: Short payload
Oct 28 10:37:06 vpn-gw racoon: WARNING: Short payload
Oct 28 10:37:10 vpn-gw racoon: ERROR: 943:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_pk1.c:100: 943:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_eay.c:625:
Oct 28 10:37:10 vpn-gw racoon: ERROR: Invalid SIG.
Oct 28 10:37:11 vpn-gw racoon: WARNING: Short payload
Oct 28 10:37:11 vpn-gw racoon: ERROR: ignore information because ISAKMP-SAhas not been established yet.
Oct 28 10:37:15 vpn-gw racoon: ERROR: ignore information because ISAKMP-SAhas not been established yet.
Oct 28 10:37:16 vpn-gw racoon: WARNING: Short payload
Oct 28 10:37:18 vpn-gw racoon: ERROR: ignore information because ISAKMP-SAhas not been established yet.
Oct 28 10:37:20 vpn-gw last message repeated 2 times
Oct 28 10:37:30 vpn-gw racoon: ERROR: phase1 negotiation failed due to time up. 51160b10a60c9546:a7658bad419f136c
More information about the vpn-help
mailing list