On Tue, 09 Oct 2001 10:56:58 John P. Looney wrote:
> On Sat, Oct 06, 2001 at 09:14:20AM +0100, SeSe mentioned:
> > I'm trying to connect a Suse 7.2 to a Nortel Contivity box using FreeSWan.
> > It doesn't seem to work as well to a Win2K Server VPN...Does anyone have
> > more experience with this issue?
Make sure you run windows update and install the 128bit security update
for win2k. Otherwise if you set the win2k side to use 3DES it'll happily
pretend it's going to, but silently fail back to single DES which
freeswan spits at and rejects. Look in your freeswan logs to see if they
give any hint as to what's going on.
Can you get two linux boxes to talk ipsec? If so, then at least you know
that it's definitely win2k that's at fault.
> Yes. It's horrible. But, you can get it working via the freeswan docs.
> It's just a lot off effort. You are better off subscribing to a freeswan
> list and asking there with very specific questions though. Many things can
> go wrong, especially on the windows side, as there are about fifty steps
> you have to take.
Yep, ipsec on win2k is bizarre and horrible, but it does work, eventually.
It's one of those situations that I hold up as a shining example of why
gui configuration tools for administration are very sucky in comparison to
a simple text config file.
M.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
