Thread: isakmp to ipsec
View Single Post
  #4   (View Single Post)  
Old 17th November 2010
badguy badguy is offline
Fdisk Soldier
 
Join Date: Jul 2009
Location: MD, USA
Posts: 59
Default

ok so ran into another problem.

Seems like the any to any is not helping out. I read this thread and basically i am expirencing same problem.

The solution from greebbow site does not make much sense to me.

i get an error on the BSD box saying
responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 10.3.1.2, responder id 10.0.0.0/255.0.0.0

and on the VPN client saying i get wrong remote ids and the errors show in the pic.

basically I want anyone with the right creditials to be able to connect thus the any. not sure what the remote id means.

Greenbow says
Remote ID is the identity the VPN Client is expecting to receive during
Phase 1 from the VPN gateway. This identity can be:
· an IP address (type = IP address), for example: 80.2.3.4
· a domain name (type = DNS), e.g. gateway.mydomain.com
· an email address (type = Email), e.g. admin@mydomain.com
· a string (type = KEY ID), e.g. 123456
· a certificate issuer (type=DER ASN1 DN) (see Certificates
configuration) If this identity is not set, VPN gateway's IP address is
used.

Any thoughts as to the issue. Thanks
Attached Images
File Type: jpg vpn.jpg (114.8 KB, 163 views)
Reply With Quote