[Vpn-help] ubuntu Linux + shrewsoft 2.1 issue connecting to netscreen

Matthew Grooms mgrooms at shrew.net
Tue Apr 7 22:59:45 CDT 2009


Stephen Davies wrote:
> Hi all,
> 
> I was hoping someone could help. I am having an issue connecting my 
> laptop to my offices netscreen firewall using a dial up VPN.
> The laptop is running Ubuntu 8.10 with shrewsoft VPN client 2.1
> The firewall I am trying to connecting to is a netscreen-204 with 
> firmware 5.4.0r6.0
> 
> The message the netscreen give me whilst trying to connect is "Phase 1: 
> Responder starts AGGRESSIVE mode negotiations." and just sits there.
> 
> The linux laptop disconnects instantly with the error "Invalid message 
> from gateway".
> 
> this there anywhere in the linux client where I can obtain a better view 
> of what the Invalid message is?
> 

Hi Stephen,

You want to change the log level output to debug and restart iked. This 
will give you detailed output of what the ike daemon is doing. Please 
see the following document or the iked.conf man page for more info ...

http://www.shrew.net/support/wiki/BugReportVpnUnix

Also, it very well may help if you upgrade to a more recent version of 
ike. The current stable release is 2.1.4 but you would need to compile 
it from source. 2.1.5 should also be out very soon.

Hope this helps,

-Matthew



More information about the vpn-help mailing list