[Vpn-help] 2.1.1 Problems on Vista

Marc Goldburg mgoldburg at assia-inc.com
Tue Sep 9 00:46:56 CDT 2008 

> Your log output shows a failure during Xauth. I have no idea why this 
> would work on XP and not on Vista. Its the same code running on both 
> platforms :) Are you sure you are using exactly the same configuration 
> in both instances? Are you using the same username and password during 
> authentication?
Matthew,

I've attached the config for the Vista 2.1.1 client followed by the 
config for 2.0.3 XP client.  I've obscured the Xauth username/password, 
but I have checked several times that they are the same.


Marc
------------------ VISTA --------------

n:network-ike-port:500
n:network-mtu-size:1380
n:client-addr-auto:1
n:network-natt-port:4500
n:network-natt-rate:15
n:network-frag-size:540
n:network-dpd-enable:1
n:client-banner-enable:1
n:network-notify-enable:1
n:client-wins-used:0
n:client-wins-auto:1
n:client-dns-used:1
n:client-dns-auto:1
n:client-splitdns-used:1
n:client-splitdns-auto:1
n:phase1-dhgroup:2
n:phase1-life-secs:86400
n:phase1-life-kbytes:0
n:phase2-life-secs:3600
n:phase2-life-kbytes:0
n:policy-nailed:0
n:policy-list-auto:1
n:version:2
s:network-host:MyIPAddr
s:client-auto-mode:pull
s:client-iface:virtual
s:network-natt-mode:enable
s:network-frag-mode:enable
s:auth-method:mutual-psk-xauth
s:ident-client-type:keyid
s:ident-server-type:address
s:ident-client-data:XauthUsername
b:auth-mutual-psk:EncryptedXauthPassword
s:phase1-exchange:aggressive
s:phase1-cipher:auto
s:phase1-hash:auto
s:phase2-transform:auto
s:phase2-hmac:auto
s:ipcomp-transform:disabled
n:phase2-pfsgroup:-1
----------------- XP --------------
n:network-ike-port:500
n:client-addr-auto:1
n:network-natt-port:4500
n:network-natt-rate:15
n:network-frag-size:540
n:network-dpd-enable:1
n:client-banner-enable:1
n:network-notify-enable:1
n:client-wins-used:0
n:client-wins-auto:1
n:client-dns-used:1
n:client-dns-auto:1
n:client-splitdns-used:1
n:client-splitdns-auto:1
n:phase1-dhgroup:2
n:phase1-life-secs:86400
n:phase1-life-kbytes:0
n:phase2-life-secs:3600
n:phase2-life-kbytes:0
n:policy-list-auto:1
n:version:2
n:network-mtu-size:1380
n:policy-nailed:0
s:network-host:MyIPAddr
s:client-auto-mode:pull
s:client-iface:virtual
s:client-ip-addr:0.0.0.0
s:client-ip-mask:0.0.0.0
s:network-natt-mode:enable
s:network-frag-mode:enable
s:client-wins-addr:0.0.0.0
s:client-dns-addr:0.0.0.0
s:auth-method:mutual-psk-xauth
s:ident-client-type:keyid
s:ident-server-type:address
s:ident-client-data:XauthUsername
s:auth-mutual-psk:PlaintextXauthPassword
s:phase1-exchange:aggressive
s:phase1-cipher:auto
s:phase1-hash:auto
s:phase2-transform:auto
s:phase2-hmac:auto
s:ipcomp-transform:disabled
n:phase2-pfsgroup:-1

More information about the vpn-help mailing list