From: Don S. <do...@se...> - 2005-04-01 20:08:25
|
On 10:24 Fri 01 Apr , F. Senault wrote: > Yes, it is. Actually, that's probably the reason behind all the logs > you referenced. It seems that the system at the other end of the tunnel > tries to configure your end, just like it would do to a classical > roadwarrior, but I think we only support it in the hybrid modes > (xauth_psk, hybrid_rsa, and maybe xauth_rsa when it'll be done). Well that is just sorry news then. Ultimately I think I'll want hybrid_rsa_client. Some more background, all the windows clients enter into QUICK mode. I do see QUICK mode in my racoon logs, and lot of hashing and numbers flying by. Then I get this: Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 1 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 2 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 3 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 3 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 4=20 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 13 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 13 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 13 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 13 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 13 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 0=20 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 6400 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 26824 Apr 1 13:58:08 linguo racoon: DEBUG: Unexpected SET attribute 0 And that final attribute 0 lin will repeat very fast, causing racoon to die. > It's the magic of NAT - once you have established the connection, it > should flow in both ways. I'll leave it for now, it doesn't seem to be a cause of any problems currently. --=20 Don Seiler do...@se... Public Key: http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0xFC87F041 Fingerprint: 0B56 50D5 E91E 4D4C 83B7 207C 76AC 5DA2 FC87 F041 |