[Vpn-help] Netscreen problem with External Authentication (securid)
Matthew Grooms
mgrooms at shrew.net
Wed Sep 9 00:19:38 CDT 2009
Anders Westin wrote:
> Problem to Authentication with xauth and netscreen and "External
> Authentication"
>
Hi Anders,
This problem has been reported in the past. The PASSCODE attribute was
not handled and I thought it would be a lot of work to implement. After
reviewing the Xauth RFC draft, it turned out to be a lot simpler that I
had initially anticipated.
> 09/09/03 15:48:26 <- : recv IKE packet xxx.xxx.144.23:500 -> xxx.xxx.
> 144.2:500 ( 76 bytes )
> 09/09/03 15:48:26 DB : phase1 found
> 09/09/03 15:48:26 ii : processing config packet ( 76 bytes )
> 09/09/03 15:48:26 DB : config found
> 09/09/03 15:48:26 == : new config iv ( 8 bytes )
> 09/09/03 15:48:26 =< : cookies 447ad51cfa97cb63:3ed0e272b4cc3753
> 09/09/03 15:48:26 =< : message c49e1de2
> 09/09/03 15:48:26 =< : decrypt iv ( 8 bytes )
> 09/09/03 15:48:26 == : decrypt packet ( 76 bytes )
> 09/09/03 15:48:26 <= : trimmed packet padding ( 4 bytes )
> 09/09/03 15:48:26 <= : stored iv ( 8 bytes )
> 09/09/03 15:48:26 << : hash payload
> 09/09/03 15:48:26 << : attribute payload
> 09/09/03 15:48:26 == : configure hash_i ( computed ) ( 20 bytes )
> 09/09/03 15:48:26 == : configure hash_c ( computed ) ( 20 bytes )
> 09/09/03 15:48:26 ii : configure hash verified
> 09/09/03 15:48:26 !! : warning, unhandled xauth attribute 16523
> 09/09/03 15:48:26 ii : received xauth request -
Can you please give the following build a try. If it works, I'll add the
changes to 2.1.5 before release. Its kind of a hack, but its only a few
lines worth of hack :)
http://www.shrew.net/download/vpn/vpn-client-2.2.0-passcode-1.exe
Thanks,
-Matthew
More information about the vpn-help
mailing list