[Vpn-help] ubuntu Linux + shrewsoft 2.1 issue connecting tonetscreen

Zöller, Benjamin Benjamin.Zoeller at salt-solutions.de
Thu Apr 16 07:19:25 CDT 2009 

Zöller, Benjamin wrote:
> It depends on your configuration but the difference between your and
> my config is. 
> 
> General: Auto Configuration: ike config push
> Authentication: Remote Identity -> IP-Address	   <-- If you did not
> specify remote identy, use IP-Address Phase2: Transform Algorithm ->
> don't use auto      <-- I think this is the biggest problem 
> Policy: Maintain Persisten Security Associations   <-- If the tunnel
> goes up, but there is no traffic, use this 
> 
> 
> 
> 
> Stephen Davies wrote:
>> There is the config file exported.
>> Thank you for this
>> 
>> 
>> On Tue, 2009-04-07 at 14:58 +0200, Zöller, Benjamin wrote:
>>> Could you export your client configuration and send me these one.
>>> You could change your GatewayIP and PSK of course.
>>> 
>>> Stephen Davies wrote:
>>>> Thanks for your quick response Benjamin
>>>> 
>>>> What information do you require about the client?
>>>> it is a compaq 2133 laptop running ubuntu 8.10 ipsec-tool
>>>> 1:0.7-2.1ubuntu1 shrewsoft is 2.1.0+dfsg-1
>>>> 
>>>> Stephen
>>>> 
>>>> Zöller wrote:
>>>>> Hi Stephen,
>>>>> if you give me more info about your client configuration, I think
>>>>> I can help you. 
>>>>> 
>>>>> Benjamin
>>>>> 
>>>>> 
>>>>> Stephen Davies wrote:
>>>>> 
>>>>>> Hi all,
>>>>>> 
>>>>>> I was hoping someone could help. I am having an issue connecting
>>>>>> my laptop to my offices netscreen firewall using a dial up VPN.
>>>>>> The laptop is running Ubuntu 8.10 with shrewsoft VPN client 2.1
>>>>>> The firewall I am trying to connecting to is a netscreen-204
>>>>>> with firmware 5.4.0r6.0 
>>>>>> 
>>>>>> The message the netscreen give me whilst trying to connect is
>>>>>> "Phase 1: Responder starts AGGRESSIVE mode negotiations." and
>>>>>> just sits there. 
>>>>>> 
>>>>>> The linux laptop disconnects instantly with the error "Invalid
>>>>>> message from gateway". 
>>>>>> 
>>>>>> this there anywhere in the linux client where I can obtain a
>>>>>> better view of what the Invalid message is?
>>>>>> 
>>>>>> 
>>>>>> The VPN is a standard mutual psk vpn.
>>>>>> 
>>>>>> Any assistance would be great fully received.
>>>>>> 
>>>>>> Stephen Davies
>>>>>> _______________________________________________
>>>>>> vpn-help mailing list
>>>>>> vpn-help at lists.shrew.net
>>>>>> http://lists.shrew.net/mailman/listinfo/vpn-help

More information about the vpn-help mailing list