[prev in list] [next in list] [prev in thread] [next in thread]
List: strongswan-users
Subject: Re: [strongSwan] StrongSwan 4.2.4 with Windows 7
From: Wihsböck_Michael <M.Wihsboeck () sumetzberger ! at>
Date: 2009-12-30 13:22:37
Message-ID: 1919979E645B334A9D8CFC09CCF2033787AE79E0 () srv-exchange ! sumetzberger ! local
[Download RAW message or body]
Hi Daniel,
thank you for your help. After switching to the newest strongswan release it works \
great.
Kind regards,
Michael
-----Original Message-----
From: Daniel Mentz [mailto:danielml+mailinglists.strongswan@sent.com]
Sent: Tuesday, December 29, 2009 1:15 PM
To: Wihsböck Michael
Cc: users@lists.strongswan.org
Subject: Re: [strongSwan] StrongSwan 4.2.4 with Windows 7
Generally speaking, I would try to use the most up-to-date version of
strongSwan just to rule out that a bug that is already fixed causes the
problem.
You could configure the source code with s.th. like
./configure --prefix=/home/michael/strongswan_playground/
If you run "make install" afterwards, it copies the files into this
dedicated directory instead of overwriting the existing version of
strongSwan.
What's the CA of the certificate you installed on the Windows 7 box? Did
you store that in /etc/ipsec.d/cacerts. Please run
ipsec listcacerts
and provide the output to us. Also, a more comprehensive log file would
be helpful.
-Daniel
Wihsböck Michael wrote:
> Hi,
>
> I'm using StrongSwan 4.2.4 (default in Debian 5.0) and tried to enable it to accept \
> Windows 7 IPSec-VPN connections as desribed on \
> http://wiki.strongswan.org/wiki/1/Windows7. I got it working that the certificates \
> are accepted correctly on windows 7 side but now the connection establishment times \
> out. The only message I receive on the StrongSwan system is "Dec 28 18:06:39 debian \
> charon: 09[AUD] 188.23.82.145 is initiating an IKE_SA". In the Windows 7 Connection \
> Status and Log Information Page \
> (http://wiki.strongswan.org/wiki/strongswan/Win7Status) this message is immediately \
> followed by something like "sending cert request for "C=AT, ..." but this message \
> doesn't appear :(
> My ipsec.conf:
>
> config setup
> plutostart=no
>
> conn windows7
> left=%defaultroute
> leftcert=server3Cert.pem
> leftsubnet=192.168.21.0/24
> right=%any
> rightsourceip=192.168.1.0/24
> rightid="C=AT, ST=Wien, O=Company, OU=Department, CN=support, E=email@test.tld"
> keyexchange=ikev2
> auto=add
>
> Is the used strongSwan version too old?
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic