Date: Tue, 21 Nov 2000 22:35:33 -0500 From: Josh Tiefenbach <josh@zipperup.org> To: Boris <koester@x-itec.de> Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPSEC Win2k Message-ID: <20001121223533.B43748@zipperup.org> In-Reply-To: <1563982125.20001122005041@x-itec.de>; from koester@x-itec.de on Wed, Nov 22, 2000 at 12:50:41AM -0800 References: <838997467.20001121113524@x-itec.de> <20001121124847.F37765@zipperup.org> <1563982125.20001122005041@x-itec.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> spdadd 192.168.0.99/32 192.168.0.1 any -P out ipsec
^^^^^^^^^^^
This should probably be 192.168.0.1/32, but I dont think that has any effect
on the prblem your seeing.
> But racoon gives me a lot of error messages, i have added the messages
> here. I really do not know what to do now -((((((((((
>
> Snapshot:
> 2000-11-22 02:53:09: isakmp_ident.c:700:ident_r1recv(): 192.168.0.1[500] peer transmitted Vendor ID.
> 2000-11-22 02:53:09: vendorid.c:97:check_vendorid(): Vendor ID mismatch.
Urk. I just grepped thru the logs I had, and I dont see any message like this.
I'm not sure whats causing this, or if this is really your problem.
However, I see a whole bunch of 'unacceptable proposal' messages in there. Are
you sure that you've configured racoon to offer the same hash/encryption type
as Win2k. It seems, i think, that your Win2k machine is requesting single-DES,
while the FreeBSD machine only wants to do 3DES.
josh
--
This email has been brought to you by the letters U, U, C, and P
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001121223533.B43748>