View Single Post
  #1   (View Single Post)  
Old 21st July 2009
milo974 milo974 is offline
Fdisk Soldier
Join Date: Jul 2008
Posts: 58
Wink mobile client to ipsec gateway


I'm trying to do an ipsec tunnel using openbsd and client software : "Shrew Vpn client" (Windows xp) ; in first time i try it on my local network (not over internet). I ve also read man pages of ipsec.conf ; isakmpd ; ipsecctl

Here what i ve done :
On the openbsd (4.5) gateway ( ip:
**rc.conf.local :
**ipsec.conf :
ike dynamic from any to any \
main auth hmac-sha1 enc aes group modp1024
quick auth hmac-sha1 enc aes psk 123456A
**pf is disable

On the client side :
Windows XP SP3
Shrew Vpn Client vers : 2.1.4
What i have done :
**Remote host : port 500
Auto config ike config pull
** Local Host : use a virtual adapter
** Client
Nat disable
**Name resolution
all is disable
Local host : auto ip address
Remote : auto ip address
Credential : mutual PSK and entry the preshared key (123456A).
**Phase 1
Exchange type : main
**Phase 2
Exchange type : esp-aes
Obtain automatically...

When i try to connect i have the following message :
"config loaded for site ''
configuring client settings ...
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
pre-shared key configured
bringing up tunnel ...
invalid message from gateway
tunnel disabled
detached from key daemon . "

I cant open ipsec tunnel, can you help me please ?

Last edited by milo974; 21st July 2009 at 05:34 AM. Reason: something missing
Reply With Quote