Hello, my comments / questions are inside : I have the same problems with SuSE 9.1 / Freeswan 2.04 and Win XP Prof Clients (SP1) Stefan-Michael. Günther (in-put GbR) schrieb:
Hi,
it's always a good idea to solve your own problems.
Here's the small list of things I made wrong and which obviously made the difference between win2k and win xp as a FreeSWAN-Client:
1. The time of validity for the client certificate should be between the validity of the certificate of the CA.
this is obvious :-) , otherwise it wouldn't be a valid certificate !
2. Don't use strange characters like '&' in the DN.
can anybody confirm this ? My DN contains a '&', who thought this might be a problem ?
3. The DN of the CA must be different from the DN of the gateway.
OK, I learned this before, too.
Hope this prevents someone to waste hours like I did.
I wasted them already ... but I think I got a clue now.
Bye,
Stefan