[vpn-help] Mutual RSA+XAuth problem
Gerd Röthig
gerd_roethig at web.de
Mon Apr 22 06:58:03 CDT 2013
Hello all,
I read this mailing list for some time now. Again and again, there are
problems with Shrew Soft VPN client and several Juniper equipment. It seems
that Shrew Soft VPN Client simply does not work with the Juniper devices.
Perhaps, this is by design (if Juniper offers their own client software).
Or, it is like many ultra-professional "Web Applications" which only work
with Internet Explorer. Although it seems like a suboptimal idea at a first
glance, you should perhaps be thinking about using the Juniper certified
client software (if there is any) or reverting to Cisco Systems VPN client.
Kind regards,
Gerd
2013/4/22 eric xu <chixu8341 at hotmail.com>
> Hi All,
>
> While testing Client 2.17 on Ubuntu 12.04 LTS following
> Howto_Juniper_SSG_Using_Certs) with SSG20 I come across following problem:
>
> 13/04/22 15:34:16 -> : send NAT-T:IKE packet 192.168.1.108:4500 ->
> 120.72.49.xxx:4500 ( 2036 bytes )
> 13/04/22 15:34:16 ii : *unable to get local issuer certificate(20) at
> depth:0*
> 13/04/22 15:34:16 ii : subject :/C=CN/ST=Beijing/L=Beijing/O= Ltd.
> /O=Chenhongli Beijing Co./OU=IT/CN=0164022011000224/CN=rsa-key/CN=
> vpn.chenhongli-bj.net/CN=Ms. Helen Wang
> 13/04/22 15:34:16 !! : unable to verify remote peer certificate
>
> Since it is a self-signed certificate and per howto I did place the ca.crt
> into ~/.ike/certs but still has above problem.
>
> Any help will be appreciated.
>
> Eric
>
>
>
>
>
> _______________________________________________
> vpn-help mailing list
> vpn-help at lists.shrew.net
> https://lists.shrew.net/mailman/listinfo/vpn-help
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20130422/e2fefaaf/attachment.html>
More information about the vpn-help
mailing list