[Vpn-help] Netscreen problem with External Authentication (securid)
Brandon Clinger
bclinger at 2co.com
Wed Sep 9 09:04:13 CDT 2009
That worked perfectly for me. That is awesome. I look forward to 2.1.5 with netscreen with external auth and Windows 7 support!
--
Brandon
-----Original Message-----
From: Matthew Grooms [mailto:mgrooms at shrew.net]
Sent: Wednesday, September 09, 2009 1:20 AM
To: Anders Westin
Cc: vpn-help at lists.shrew.net
Subject: Re: [Vpn-help] Netscreen problem with External Authentication (securid)
Anders Westin wrote:
> Problem to Authentication with xauth and netscreen and "External
> Authentication"
>
Hi Anders,
This problem has been reported in the past. The PASSCODE attribute was
not handled and I thought it would be a lot of work to implement. After
reviewing the Xauth RFC draft, it turned out to be a lot simpler that I
had initially anticipated.
> 09/09/03 15:48:26 <- : recv IKE packet xxx.xxx.144.23:500 -> xxx.xxx.
> 144.2:500 ( 76 bytes )
> 09/09/03 15:48:26 DB : phase1 found
> 09/09/03 15:48:26 ii : processing config packet ( 76 bytes )
> 09/09/03 15:48:26 DB : config found
> 09/09/03 15:48:26 == : new config iv ( 8 bytes )
> 09/09/03 15:48:26 =< : cookies 447ad51cfa97cb63:3ed0e272b4cc3753
> 09/09/03 15:48:26 =< : message c49e1de2
> 09/09/03 15:48:26 =< : decrypt iv ( 8 bytes )
> 09/09/03 15:48:26 == : decrypt packet ( 76 bytes )
> 09/09/03 15:48:26 <= : trimmed packet padding ( 4 bytes )
> 09/09/03 15:48:26 <= : stored iv ( 8 bytes )
> 09/09/03 15:48:26 << : hash payload
> 09/09/03 15:48:26 << : attribute payload
> 09/09/03 15:48:26 == : configure hash_i ( computed ) ( 20 bytes )
> 09/09/03 15:48:26 == : configure hash_c ( computed ) ( 20 bytes )
> 09/09/03 15:48:26 ii : configure hash verified
> 09/09/03 15:48:26 !! : warning, unhandled xauth attribute 16523
> 09/09/03 15:48:26 ii : received xauth request -
Can you please give the following build a try. If it works, I'll add the
changes to 2.1.5 before release. Its kind of a hack, but its only a few
lines worth of hack :)
http://www.shrew.net/download/vpn/vpn-client-2.2.0-passcode-1.exe
Thanks,
-Matthew
More information about the vpn-help
mailing list