From: Michael M. <mi...@ma...> - 2005-03-17 19:23:54
|
Thanks for the info. I updated the auth method to be rsasig because I=20 am going to be using certificates. I have generated certificates for=20 the CA the server and a client.=20 I suppose where the majority of my problem is now setting up the windows=20 client. I am having a heck of a time getting it to use a certificate. =20 I am getting a 798 error message about not being able to find a=20 certificate. Has anyway come across this before (I have seen postings=20 on the web, but the instructions to fix aren't too clear). ~Mike Emmanuel Dreyfus wrote: >On Thu, Mar 17, 2005 at 11:58:20AM -0500, Michael MacFadden wrote: > =20 > >>At this point I am using the built in windows xp L2TP IPsec client. I=20 >>don't have any other client at the moment. >> =20 >> > >hybrid_rsa_server is to be used with client speaking Xauth and hybrid au= th >IPsec extensions, which is not the case of a client doing L2TP/IPsec > >You have to use either pre_shared_key if you use pr=E9 shared keys (aka=20 >PSK, aka group password, it's insecure), or rsasig if you use certificat= es. > >Cisco VPN client can be used with hybrid_rsa_server, but not the=20 >Windows built-in client. > > =20 > |