[vpn-help] Fwd: invalid message from gateway
Stefan Bauer
stefan.bauer at cubewerk.de
Thu Mar 4 02:44:46 CST 2010
Am 04.03.2010 08:59, Libor Arndt schrieb:
> Hi Stefan,
>
> many thanks for the reply.
> Certificate is definitely not broken. I use it with Cisco client on 32 bit
> Vista.
> Problem may be importing.
> I don not understand why I have to import server certificate, client and
> private key and if it's correct or not.
> In npc client I imported the same certificate only once and it worked from
> the start.
>
> I reimported the pcf file and invalid message problem persists, but log is
> different:
>
>
> 10/03/04 08:43:58 ## : IKE Daemon, ver 2.1.6
> 10/03/04 08:43:58 ## : Copyright 2009 Shrew Soft Inc.
> 10/03/04 08:43:58 ## : This product linked OpenSSL 0.9.8h 28 May 2008
> 10/03/04 08:43:58 ii : opened 'C:\Program Files\ShrewSoft\VPN
> Client\debug\iked.log'
> 10/03/04 08:43:58 ii : rebuilding vnet device list ...
> 10/03/04 08:43:58 ii : device ROOT\VNET\0000 disabled
> 10/03/04 08:43:58 ii : network process thread begin ...
> 10/03/04 08:43:58 ii : pfkey process thread begin ...
> 10/03/04 08:43:58 ii : ipc server process thread begin ...
> 10/03/04 08:44:33 ii : ipc client process thread begin ...
> 10/03/04 08:44:33 <A : peer config add message
> 10/03/04 08:44:33 <A : proposal config message
> 10/03/04 08:44:33 <A : proposal config message
> 10/03/04 08:44:33 <A : client config message
> 10/03/04 08:44:33 <A : xauth username message
> 10/03/04 08:44:33 <A : xauth password message
> 10/03/04 08:44:33 <A : remote cert 'C:\Users\Libor Arndt\Documents\Shrew
> Soft VPN\certs\gncs_new.pfx' message
> 10/03/04 08:44:33 !! : 'C:\Users\Libor Arndt\Documents\Shrew Soft
> VPN\certs\gncs_new.pfx' load failed, requesting password
Here we go. The certificate is key protected. Unfortunately i'm not
familiar with the way cisco provides the certificates and howto
export different parts. In the best case it's just an openssl
generated cert and can be exported with openssl as well. Probably
that is what the shrew client is trying to achieve.
Stefan
--
Stefan Bauer -----------------------------------------
PGP: E80A 50D5 2D46 341C A887 F05D 5C81 5858 DCEF 8C34
-------- plzk.de - Linux - because it works ----------
More information about the vpn-help
mailing list