Hi,

I have just tested with ipsec-tools CVS HEAD - XAuth is still not being recognised.

In the racoon -d -F log for the 2nd packet received:
    2008-07-28 13:59:42: INFO: received Vendor ID: CISCO-UNITY
    2008-07-28 13:59:42: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
    2008-07-28 13:59:42: DEBUG: received unknown Vendor ID
    2008-07-28 13:59:42: DEBUG:
    41b3b407 63b17255 e2971265 63f18856
    2008-07-28 13:59:42: DEBUG: received unknown Vendor ID
    2008-07-28 13:59:42: DEBUG:
    1f07f70e aa6514d3 b0fa9654 2a500100

and later
    2008-07-28 13:59:54: DEBUG: Configuration exchange type mode config REQUEST
    2008-07-28 13:59:54: DEBUG: Short attribute XAUTH_TYPE = 0
    2008-07-28 13:59:54: ERROR: Xauth mode config request but peer did not declare itself as Xauth capable


Wireshark v1.0.0 shows the following Vendor IDs being received in the 2nd packet.
    CISCO-UNITY-1.0
    draft-beaulieu-ike-xauth-02.txt
    E4869568912FEB281FD051B05DDD9822
    DISCO-CONCENTRATOR

Not sure what else to try..... any suggestions ?

Thanks
Dave


Timo Teräs wrote:
David Clarke wrote:
  
I am using racoon 0.7.1 to connect to a Cisco 5520 ASA which also seems
to send Vendor ID's in the second packet - so XAuth is refused.

Have you made any progress on a fix for this issue yet ?

I would be happy to help test any patch if that would help.
    

A fix is committed to CVS HEAD. Could you test it?

We might backport it to 0_7 branch too, if it gets other fixes and the
Vendor ID patch proves to be stable enough.

Cheers,
  Timo


  

-- 
Dave Clarke
Director - Technology
Flat Cat IT Ltd           www.flatcatit.co.nz
Tel/Fax: +64-3-542-4530   Mob: 021-886-033   Skype: daveclarke.flatcatit
------------------------------
Need help with operating your sports club ? visit www.opensportz.org !