Hallo Leute, Habe mal wieder ein neues Problem. VPN auf Linux und Windows2000 Client Ich habe alles so gemacht, wie es in der VPN-Beschreibung steht und es funktioni ert nicht. :-( vielleicht kann mir ja jemand helfen. Wäre jedenfalls schön. Ich ärgere mich jet zt schon mehrere Tage damit rum um herauszufinden, wo das Problem liegt. Hier die /etc/ipsec.conf # basic configuration config setup # THIS SETTING MUST BE CORRECT or almost nothing will work; # %defaultroute is okay for most simple cases. interfaces="ipsec0=eth1" # Debug-logging controls: "none" for (almost) none, "all" for lots. klipsdebug=none plutodebug=none # Use auto= parameters in conn descriptions to control startup actions. plutoload=%search plutostart=%search # Close down old connection when new one using same ID shows up. uniqueids=yes # defaults for subsequent connection descriptions # (these defaults will soon go away) conn %default keyingtries=1 compress=yes disablearrivalcheck=no authby=rsasig leftrsasigkey=%cert rightrsasigkey=%cert conn roadwarrior right=%any left=213.221.114.23 leftcert=gatecert.pem rightid="C=de, ST=berlin, L=berlin, O=bbw-bua, OU=bbw-bua-gate, CN=peter fuehrer, emailAddress=pefuehrer@bbw-bua.de" auto=add pfs=yes ####################################################### # USAGI IPv4 Transport mode IPsec sample configurations # AH+ESP[noauth+enc] conn testv4 af=inet type=transport auth=ah authby=secret left=192.168.1.1 right=192.168.2.1 esp=3des-md5-96 ah=hmac-md5-96 usw.... wenn ich ipsec starte mit # ipsec setup start --> dann bekomme ich folgende Meld ungen im /var/log/messages Feb 11 15:20:10 gate1 ipsec_setup: Starting FreeS/WAN IPsec 1.99... Feb 11 15:20:10 gate1 ipsec_setup: Using /lib/modules/2.4.21-166-default/kernel/ net/ipv4/ipsec/ipsec.o Feb 11 15:20:10 gate1 kernel: Initalizing IPsec4; based on FreeSWAN 1.98b Feb 11 15:20:11 gate1 ipsec_setup: KLIPS ipsec0 on eth1 213.221.114.23/255.255.2 55.240 broadcast 213.221.114.31 Feb 11 15:20:11 gate1 ipsec__plutorun: Starting Pluto subsystem... Feb 11 15:20:11 gate1 ipsec_setup: ...FreeS/WAN IPsec started Feb 11 15:20:11 gate1 ipsec_setup: ^M^[[124C^[[10D^[[1;32mdone^[[m^O Feb 11 15:20:11 gate1 pluto[21501]: Starting Pluto (FreeS/WAN Version 1.99) Feb 11 15:20:11 gate1 pluto[21501]: including X.509 patch with traffic selecto rs (Version 0.9.34) Feb 11 15:20:11 gate1 pluto[21501]: Changing to directory '/etc/ipsec.d/cacerts' Feb 11 15:20:11 gate1 pluto[21501]: loaded cacert file 'RootCA.der' (1191 byte s) Feb 11 15:20:11 gate1 pluto[21501]: Changing to directory '/etc/ipsec.d/crls' Feb 11 15:20:11 gate1 pluto[21501]: loaded crl file 'crl.pem' (703 bytes) Feb 11 15:20:11 gate1 pluto[21501]: OpenPGP certificate file '/etc/pgpcert.pgp' not found Feb 11 15:20:11 gate1 ipsec__plutorun: ipsec_auto: warning: unsupported compress ignored Feb 11 15:20:11 gate1 pluto[21501]: loaded host cert file '/etc/ipsec.d/gatece rt.pem' (5060 bytes) Feb 11 15:20:11 gate1 pluto[21501]: added connection description "roadwarrior" Feb 11 15:20:11 gate1 pluto[21501]: listening for IKE messages Feb 11 15:20:11 gate1 pluto[21501]: adding interface ipsec0/eth1 213.221.114.23 Feb 11 15:20:11 gate1 pluto[21501]: adding interface ipsec0/eth1 fe80::250:baff: feed:101 Feb 11 15:20:11 gate1 pluto[21501]: loading secrets from "/etc/ipsec.secrets" Feb 11 15:20:11 gate1 pluto[21501]: loaded private key file '/etc/ipsec.d/priv ate/gatekey.key' (1743 bytes) Feb 11 15:20:18 gate1 /etc/hotplug/net.agent[21330]: No HW description found ... exiting Feb 11 15:20:18 gate1 /etc/hotplug/net.agent[21326]: No HW description found ... exiting Feb 11 15:20:18 gate1 /etc/hotplug/net.agent[21348]: No HW description found ... exiting Feb 11 15:20:18 gate1 /etc/hotplug/net.agent[21313]: No HW description found ... exiting Feb 11 15:20:19 gate1 /etc/hotplug/net.agent[21425]: No HW description found ... exiting Feb 11 15:20:19 gate1 /etc/hotplug/net.agent[21421]: No HW description found ... exiting Feb 11 15:20:19 gate1 /etc/hotplug/net.agent[21440]: No HW description found ... exiting Feb 11 15:20:19 gate1 /etc/hotplug/net.agent[21445]: No HW description found ... exiting Feb 11 15:20:23 gate1 kernel: ipsec0: no IPv6 routers present Feb 11 15:43:16 gate1 -- MARK -- ... Hier die Windows Konfiguration: ipsec.conf left=%any leftsubnet=255.255.255.240 leftca="C=de, ST=berlin, L=berlin, O=bbw-bua, OU=e-learning, CN=user, Email=user @bbw-bua.de right=213.221.11X.XX/255.255.255.240 rightsubnet=10.0.0.0/8 rightca="C=?de, ST=berlin, L=berlin, O=bbw-bua, OU=e-learning, CN=Peter, Email=p efuehrer@bbw-bua.de" network=auto auto=start authmode=md5 pfs=yes Wenn ich dann ipsec aufrufe mit: c:\> ipsec -debug Command1: ipsecpol -w REG -p FreeSwan -r Host-roadwarrior -t 213.221.11X.XX/255. 255.255.240 -f 255.255.255.240=10.0.0.0/255.0.0.0 -n ESP[md5,3DES]3600S/50000KPF S -a CERT:"C=de, ST=berlin, L=berlin, O=bbw-bua, OU=e-learning, CN=Peter, E=pefu ehrer@bbw-bua.de" -lan -1p > NUL: Command2: ipsecpol -w REG -p FreeSwan -r Host-roadwarrior -t 213.221.11X.XX/255. 255.255.240 -f 255.255.255.240=10.0.0.0/255.0.0.0 -n ESP[md5,3DES]3600S/50000KPF S -a CERT:"C=de, ST=berlin, L=berlin, O=bbw-bua, OU=e-learning, CN=Peter, E=pefu ehrer@bbw-bua.de" -lan -1p > NUL: Command3: ipsecpol -w REG -p FreeSwan -x > NUL: Dann kommt nix mehr :-( Eigentlich muß doch dann die Benutzeranfrage und das Passwort erscheinen oder et wa nicht? Kann mir jemand sagen, wo hier der Fehler liegt und wie ich ihn am besten behebe n kann? Vielen Dank fürs Lesen und hoffentlich bekomme ich eine Antwort auf mein Problem. Marco