[Vpn-help] shrewsoft not responding to openswan messages during phase I
Matthew Grooms
mgrooms at shrew.net
Wed Sep 9 01:42:50 CDT 2009
Mohit Mehta wrote:
> I am trying to establish a vpn connection to openswan using shrewsoft vpn client. I am using a similar setup as the example on this page - http://lists.openswan.org/pipermail/users/2006-November/011216.html Specifically, I am trying to connect my Windows PC with IP 10.3.0.168 to a box with IP 10.3.0.57 with openswan running on it. The remote network I am trying to access is 192.168.1.0/24 i.e. the private subnet behind the openswan server.
>
> On running wireshark on the pc's interface, I can see phase 1 packets going to and received from the openswan server. However, shrewsoft doesn't seem to respond to the message from openswan and keeps retransmitting phase 1 packets and finally times out. Any help or hints with this would be much appreciated.
>
Hi Mohit,
> 09/09/08 14:53:06 -> : send IKE packet 10.3.0.168:500 -> 10.1.0.57:500 ( 344 bytes )
> 09/09/08 14:53:06 DB : phase1 resend event scheduled ( ref count = 2 )
> 09/09/08 14:53:11 -> : resend 1 phase1 packet(s) 10.3.0.168:500 -> 10.1.0.57:500
> 09/09/08 14:53:16 -> : resend 1 phase1 packet(s) 10.3.0.168:500 -> 10.1.0.57:500
> 09/09/08 14:53:21 -> : resend 1 phase1 packet(s) 10.3.0.168:500 -> 10.1.0.57:500
This is very peculiar. If the client is able to send packets, then it
has attached itself properly to your network driver interface. What I
don't understand is why it would be able to send packets but not see the
received packets. Wireshark uses an NDIS Protocol driver which is higher
up the network stack than the Shrew Soft driver. Typically, you wouldn't
see the return packets in Wireshark because they are already intercepted
by the Shrew Soft driver at a lower layer.
In the VPN Trace application, do you see the Hits increase for the IKE
divert firewall rule that gets created for the connection? If so, the
driver does see the IKE packet and is diverting it to the IKE daemon for
inspection. If not, the driver is either not seeing the packet or it's
not evaluating it correctly for some reason.
-Matthew
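
As a complement to checking the divert rule's hit counter, the following added example (not part of the original message and not Shrew Soft code) summarizes an IKE daemon trace like the one quoted above: it counts phase 1 sends and resends, reports whether the daemon logged any inbound IKE packet, and compares the destination in the trace with the gateway address you expect. The function name `summarize_phase1` and the finding labels are hypothetical, and the `<-` marker for inbound lines is an assumption, since the quoted trace contains outbound lines only.

```python
import re
from collections import Counter

# Trace lines copied from the message above.
SAMPLE_LOG = """\
09/09/08 14:53:06 -> : send IKE packet 10.3.0.168:500 -> 10.1.0.57:500 ( 344 bytes )
09/09/08 14:53:06 DB : phase1 resend event scheduled ( ref count = 2 )
09/09/08 14:53:11 -> : resend 1 phase1 packet(s) 10.3.0.168:500 -> 10.1.0.57:500
09/09/08 14:53:16 -> : resend 1 phase1 packet(s) 10.3.0.168:500 -> 10.1.0.57:500
09/09/08 14:53:21 -> : resend 1 phase1 packet(s) 10.3.0.168:500 -> 10.1.0.57:500
"""

# date, time, direction marker, free text, then "src:port -> dst:port".
# Assumption: inbound packets are logged with "<-" in place of "->".
LINE = re.compile(
    r"^\S+ \S+ (?P<dir>->|<-) : (?P<what>.*?)"
    r"(?P<src>\d+\.\d+\.\d+\.\d+):\d+ -> (?P<dst>\d+\.\d+\.\d+\.\d+):\d+"
)

def summarize_phase1(log_text, expected_gateway):
    """Return (packet counts, findings) for an IKE daemon trace."""
    stats = Counter()
    peers = set()
    for raw in log_text.splitlines():
        # Tolerate mail quoting ("> ") in front of pasted trace lines.
        m = LINE.match(raw.strip().lstrip("> "))
        if not m:
            continue  # e.g. "DB :" bookkeeping lines carry no addresses
        if m["dir"] == "->":
            peers.add(m["dst"])
            stats["resend" if "resend" in m["what"] else "sent"] += 1
        else:
            stats["received"] += 1
    findings = []
    # Resends with nothing received: the daemon never saw a reply.
    if stats["resend"] and not stats["received"]:
        findings.append("no-inbound-ike")
    # Packets addressed to a host other than the intended gateway.
    unexpected = sorted(peers - {expected_gateway})
    if unexpected:
        findings.append("peer-mismatch:" + ",".join(unexpected))
    return dict(stats), findings

if __name__ == "__main__":
    # 10.3.0.57 is the gateway address given in the question.
    print(summarize_phase1(SAMPLE_LOG, "10.3.0.57"))
```
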