Hi everybody
I did setup the shrew vpn client with the following installation guide:
http://www.shrew.net/support/wiki/HowtoMonowallWhen I try to connect I'm getting the following log entries in the M0n0wall:
May 11 09:08:23 racoon: ERROR: phase1 negotiation failed.
May 11 09:08:23 racoon: ERROR: failed to pre-process packet.
May 11 09:08:23 racoon: ERROR: failed to get valid proposal.
May 11 09:08:23 racoon: ERROR: no suitable proposal found.
May 11 09:08:23 racoon: ERROR: rejected authmethod: DB(prop#1:trns#1):Peer(prop#1:trns#1) = pre-shared key:65001
May 11 09:08:23 racoon: INFO: Selected NAT-T version: RFC 3947
May 11 09:08:23 racoon: INFO: received Vendor ID: CISCO-UNITY
May 11 09:08:23 racoon: INFO: received Vendor ID: DPD
May 11 09:08:23 racoon: INFO: received Vendor ID: RFC 3947
May 11 09:08:23 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
May 11 09:08:23 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
May 11 09:08:23 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-01
May 11 09:08:23 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-00
May 11 09:08:23 racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
May 11 09:08:23 racoon: INFO: begin Aggressive mode.
May 11 09:08:23 racoon: INFO: respond new phase 1 negotiation: {M0n0wall-IP}[500]<=>{Client-IP}[17896]
This is my M0n0wall configuration:
n:version:2
n:network-ike-port:500
n:network-mtu-size:1380
n:network-natt-port:4500
n:network-natt-rate:30
n:network-frag-size:540
n:network-dpd-enable:1
n:client-banner-enable:0
n:network-notify-enable:1
n:client-wins-used:0
n:client-wins-auto:1
n:client-dns-used:0
n:client-dns-auto:0
n:client-splitdns-used:0
n:client-splitdns-auto:0
n:phase1-dhgroup:2
n:phase1-life-secs:54600
n:phase1-life-kbytes:0
n:vendor-chkpt-enable:0
n:phase2-life-secs:28800
n:phase2-life-kbytes:0
n:policy-nailed:0
n:policy-list-auto:0
s:network-host:{M0n0wall}
s:client-auto-mode:pull
s:client-iface:direct
s:network-natt-mode:enable
s:network-frag-mode:disable
s:auth-method:mutual-psk-xauth
s:ident-client-type:ufqdn
s:ident-server-type:address
s:ident-client-data:{email address}
b:auth-mutual-psk:*********************
s:phase1-exchange:aggressive
s:phase1-cipher:3des
s:phase1-hash:sha1
s:phase2-transform:esp-3des
s:phase2-hmac:sha1
s:ipcomp-transform:disabled
n:phase2-pfsgroup:2
s:policy-list-include:192.168.1.0 / 255.255.255.0
Can somebody help me please? There is probably something wrong in the installation guide from Shrew.
Many thanx
bb