DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 21st July 2009
milo974 milo974 is offline
Fdisk Soldier
 
Join Date: Jul 2008
Posts: 58
Wink mobile client to ipsec gateway

Hello,

I'm trying to do an ipsec tunnel using openbsd and client software : "Shrew Vpn client" (Windows xp) ; in first time i try it on my local network (not over internet). I ve also read man pages of ipsec.conf ; isakmpd ; ipsecctl

Here what i ve done :
On the openbsd (4.5) gateway (vpn.my.domain) ip: 192.168.0.111:
**rc.conf.local :
ipsec=YES
isakmpd="-K"
**ipsec.conf :
ike dynamic from any to any \
main auth hmac-sha1 enc aes group modp1024
quick auth hmac-sha1 enc aes psk 123456A
**pf is disable

On the client side :
Windows XP SP3
Shrew Vpn Client vers : 2.1.4
What i have done :
**Remote host : 192.168.0.111 port 500
Auto config ike config pull
** Local Host : use a virtual adapter
10.0.0.1/24
** Client
Nat disable
**Name resolution
all is disable
**Auth
Local host : auto ip address
Remote : auto ip address
Credential : mutual PSK and entry the preshared key (123456A).
**Phase 1
Exchange type : main
**Phase 2
Exchange type : esp-aes
**Policy
Obtain automatically...

When i try to connect i have the following message :
"config loaded for site '192.168.0.111'
configuring client settings ...
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
pre-shared key configured
bringing up tunnel ...
invalid message from gateway
tunnel disabled
detached from key daemon . "

I cant open ipsec tunnel, can you help me please ?

Last edited by milo974; 21st July 2009 at 05:34 AM. Reason: something missing
Reply With Quote
 

Tags
ipsec, security, vpn

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mobile Broadband adapa OpenBSD General 3 23rd February 2009 09:09 PM
openBSD IPSEC gateway w/WINDOWS XP roadwarrior s2scott OpenBSD Security 7 13th January 2009 11:01 AM
ipsec with client nat sicute OpenBSD General 0 30th October 2008 05:39 PM
IM Client schrodinger OpenBSD Packages and Ports 6 16th September 2008 02:09 PM
DDNS Client revzalot OpenBSD Installation and Upgrading 3 12th August 2008 02:21 AM


All times are GMT. The time now is 11:22 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick