Ubuntu
openswan package

xauth doesn't seem to work

Bug #94765 reported by akincer
4
Affects Status Importance Assigned to Milestone
openswan (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: openswan

I'm connecting Herd 5 to a Sonicwall 2040 firewall with XAUTH enabled and the Sonicwall logs report that the client doesn't seem to be able to do xauth. Turning off xauth in ipsec.conf and disabling it on the Sonicwall allows the VPN tunnel to be created successfully.

Here are the details of the setup:

Firewall
----------
Sonicwall 2040
SonicOS Enhanced 3.2.0.3-54e

Client
--------

Ubuntu 7.04 Feisty (Herd 5)
IPSec Patches Applied
Racoon installed (not sure if this is needed)

/etc/ipsec.conf
-------------------

config setup
       interfaces="ipsec0=eth0"
       nat_traversal=yes
       nhelpers=0

conn sonicwall
       type=tunnel
       left= my.eth0.ip.address
       leftnexthop=my.home.router.inside.ip
       leftsubnet=my.home.network.subnet/24
       leftid=@GroupVPN
       right=my.sonicwall.public.ip
       rightsubnet=my.sonicwall.private.subnet /24
       <email address hidden> <http://my.sonicwall.unique.id>
       keyingtries=0
       pfs=no
       aggrmode=no
       auto=add
       auth=esp
       ike=aes128-sha1
       esp=aes128-sha1
       authby=secret
       xauth=yes
       keyexchange=ike

/etc/ipsec.secrets
-----------------------

: PSK "my.shared.secret"

connection command
----------------------------

sudo ipsec whack --name sonicwall --listen --initiate

Revision history for this message
akincer (kincera) wrote :

Same behavior on Edgy. Might be a Sonicwall issue. Are Openswan packages built with XAUTH enabled?

Revision history for this message
Daniel T Chen (crimsun) wrote :

Is this symptom still reproducible in 8.10 alpha?

Changed in openswan:
status: New → Incomplete
Revision history for this message
akincer (kincera) wrote : Re: [Bug 94765] Re: xauth doesn't seem to work

I am unable to confirm as I no longer manage or am connected to the
Sonicwall firewalls where I originally filed the bug.

On Sun, Sep 28, 2008 at 11:33 PM, Daniel T Chen <email address hidden>wrote:

> Is this symptom still reproducible in 8.10 alpha?
>
> ** Changed in: openswan (Ubuntu)
> Status: New => Incomplete
>
> --
> xauth doesn't seem to work
> https://bugs.launchpad.net/bugs/94765
> You received this bug notification because you are a direct subscriber
> of the bug.
>

Revision history for this message
Dimitrios Symeonidis (azimout) wrote :

as per your last comment, I'm closing this bug report...

Changed in openswan (Ubuntu):
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.