xauth doesn't seem to work
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openswan (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: openswan
I'm connecting Herd 5 to a Sonicwall 2040 firewall with XAUTH enabled and the Sonicwall logs report that the client doesn't seem to be able to do xauth. Turning off xauth in ipsec.conf and disabling it on the Sonicwall allows the VPN tunnel to be created successfully.
Here are the details of the setup:
Firewall
----------
Sonicwall 2040
SonicOS Enhanced 3.2.0.3-54e
Client
--------
Ubuntu 7.04 Feisty (Herd 5)
IPSec Patches Applied
Racoon installed (not sure if this is needed)
/etc/ipsec.conf
-------------------
config setup
nhelpers=0
conn sonicwall
type=tunnel
left= my.eth0.ip.address
<email address hidden> <http://
pfs=no
aggrmode=no
auto=add
auth=esp
xauth=yes
/etc/ipsec.secrets
-------
: PSK "my.shared.secret"
connection command
-------
sudo ipsec whack --name sonicwall --listen --initiate
Same behavior on Edgy. Might be a Sonicwall issue. Are Openswan packages built with XAUTH enabled?