Hi, I didn't get any replies on this question, but the problem turned out to be that I'd been passed the wrong shared secret. This was something I asked about right at the start, but only came to light when I got a copy of the config of the remote box. I thought it might be worth adding this info to the archives, since information on troubleshooting this problem was a little scarce. Regards Kieran On Thu, May 08, 2003 at 04:38:21PM +0100, kbarry@enpocketbureau.com wrote: > Hi, > > I'm trying to negotiate a vpn tunnel with a cisco box, > and I'm having problems. > > I'm using the native ipsec/ike on a Solaris 9 box > with a preshared key, esp-3des and md5. > > The error I'm getting when I run /usr/lib/inet/in.iked -d > appears to be a timeout. I've changed the ip addresses in > the following but, both are routable. 192.16.8.1 represents the > local box. > > Thu May 08 16:15:36 2003: ./in.iked: In match_phase1. > Thu May 08 16:15:36 2003: ./in.iked: get_phase1: searching rulebase for src = 192.168.1.1 > Thu May 08 16:15:36 2003: ./in.iked: get_phase1: dst = 10.0.0.1 > Thu May 08 16:15:36 2003: ./in.iked: get_phase1: rule simple inheritor 0x1 > Thu May 08 16:15:36 2003: ./in.iked: laddr = AF2:192.168.1.1 > Thu May 08 16:15:36 2003: ./in.iked: raddr = AF2:10.0.0.1! > Thu May 08 16:15:36 2003: ./in.iked: winning rule: simple inheritor > <snip> _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Thu May 15 10:15:13 2003
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:11 EST