[Vpn-help] Problem importing pcf file
Matthew Grooms
mgrooms at shrew.net
Tue Aug 18 01:03:28 CDT 2009
David Perrault wrote:
> Thanks Matthew.
>
> I set Authentication -> Remote Identify -> IP Address -> use a
> dsicovered remote address.
>
> Still getting the same problem.
>
Hi David,
Its accepting the Remote ID now. Your seeing a different problem ...
> 09/08/16 16:28:42 <- : recv IKE packet 152.62.108.71:500 ->
> 10.10.10.50:500 ( 108 bytes )
> 09/08/16 16:28:42 DB : phase1 found
> 09/08/16 16:28:42 ii : processing config packet ( 108 bytes )
> 09/08/16 16:28:42 DB : config not found
> 09/08/16 16:28:42 DB : config added ( obj count = 1 )
> 09/08/16 16:28:42 == : new config iv ( 8 bytes )
> 09/08/16 16:28:42 =< : cookies 1820dc757df6e150:bbf6bc5f80ab5e2a
> 09/08/16 16:28:42 =< : message 3a689107
> 09/08/16 16:28:42 =< : decrypt iv ( 8 bytes )
> 09/08/16 16:28:42 == : decrypt packet ( 108 bytes )
> 09/08/16 16:28:42 <= : trimmed packet padding ( 4 bytes )
> 09/08/16 16:28:42 <= : stored iv ( 8 bytes )
> 09/08/16 16:28:42 << : hash payload
> 09/08/16 16:28:42 << : attribute payload
> 09/08/16 16:28:42 == : configure hash_i ( computed ) ( 16 bytes )
> 09/08/16 16:28:42 == : configure hash_c ( computed ) ( 16 bytes )
> 09/08/16 16:28:42 ii : configure hash verified
> 09/08/16 16:28:42 !! : warning, unhandled xauth attribute 32136
> 09/08/16 16:28:42 !! : warning, unhandled xauth attribute 16523
> 09/08/16 16:28:42 ii : received xauth request - Enter Username and Password.
The client doesn't currently handle attribute 16523. This is an XAUTH
PASSCODE ( A token card's passcode ). I don't have any token cards to
test with and am not exactly how the feature is intended to work.
> 09/08/16 16:28:42 ii : added standard xauth username attribute
> 09/08/16 16:28:42 ii : sending xauth response for perrad
> 09/08/16 16:28:42 >> : hash payload
> 09/08/16 16:28:42 >> : attribute payload
> 09/08/16 16:28:42 == : new configure hash ( 16 bytes )
> 09/08/16 16:28:42 >= : cookies 1820dc757df6e150:bbf6bc5f80ab5e2a
> 09/08/16 16:28:42 >= : message 3a689107
> 09/08/16 16:28:42 >= : encrypt iv ( 8 bytes )
> 09/08/16 16:28:42 == : encrypt packet ( 70 bytes )
> 09/08/16 16:28:42 == : stored iv ( 8 bytes )
> 09/08/16 16:28:42 -> : send IKE packet 10.10.10.50:500 ->
Since your passcode is not being processed, we only send the user name
with no other credentials. Sorry, but this probably won't work for your
gateway configuration until I have a chance to add support for this feature.
-Matthew
More information about the vpn-help
mailing list