[TCLUG] ipsec vpn problem with XP

[Raymond Norton]

I have a few vpn connections between IPCop boxes that work well. I am trying
to set up an XP laptop with a road warrior vpn so I can access my office LAN
via my IPCop box from any ISP connection. It appears I just about have it,
but I am getting the following errors. From looking over different posts on
the Internet it seems it might be the des key that my XP laptop is using.
Not sure how to correct it if it is, or if it is something else.







Any ideas?



All  errors and configs are below:



I get this error while tailing /var/log/secure

Can't
authenticate: no preshared key found for `Public IP of IPCOP' and `%any'.
Attribute OAKLEY_AUTHENTICATION_METHOD
Feb  5 16:32:44 ipcop pluto[5086]: "roadwarrior"[2] Public IP Of remote ISP
#2:
OAKLEY_DES_CBC is not supported.  Attribute OAKLEY_ENCRYPTION_ALGORITHM



<IPCop ipsec.secrets>

<IPCop public IP> 0.0.0.0 : PSK "12345"

<IPCop public IP>%any : PSK "12345"

</IPCop ipsec.secrets>

<IPCOP ipsec.conf>

conn roadwarrior

compress=no

left="Public IP of IPCop"

leftsubnet=192.168.0.0/24

leftnexthop=%defaultroute

type=tunnel

authby=secret

pfs=yes

right=%any

rightsubnet=10.10.10.0/24

rightnexthop=%defaultroute

auto=add

</IPCop ipsec.conf>

<xp ipsec.conf>

conn KDI

left="Public IP of IPCop"

leftsubnet=192.168.0.0/24

right=%any

presharedkey=12345

network=auto

auto=start

pfs=yes

</xp ipsec.conf>


_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list