News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  VPN
linktree Topic: Ipsec and Nokia Mobile VPN
Pages: [1]
Topic: Ipsec and Nokia Mobile VPN  (Read 2070 times)
« on: April 06, 2012, 20:31:34 »
vies *
Posts: 1
Hi everyone,

Has anyone managed to get Ipsec working between monowall and nokia mobile vpn (phone is Nokia E7)?
Currently I'm stuck with rejected authmetod error.

Here is a log

Code:
Apr 6 21:01:42 racoon: ERROR: phase1 negotiation failed.
Apr 6 21:01:42 racoon: ERROR: failed to pre-process packet.
Apr 6 21:01:42 racoon: ERROR: failed to get valid proposal.
Apr 6 21:01:42 racoon: ERROR: no suitable proposal found.
Apr 6 21:01:42 racoon: ERROR: rejected authmethod: DB(prop#1:trns#1):Peer(prop#0:trns#0) = pre-shared key:65001
Apr 6 21:01:42 racoon: INFO: Selected NAT-T version: RFC 3947
Apr 6 21:01:42 racoon: INFO: received Vendor ID: CISCO-UNITY
Apr 6 21:01:42 racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
Apr 6 21:01:42 racoon: INFO: received Vendor ID: RFC 3947
Apr 6 21:01:42 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
Apr 6 21:01:42 racoon: INFO: received Vendor ID: DPD
Apr 6 21:01:42 racoon: INFO: begin Aggressive mode.
Apr 6 21:01:42 racoon: INFO: respond new phase 1 negotiation: *monowall WAN IP*[500]<=>*Mobilephone IP*[500]

and here is a setup in monowall

Code:
Phase 1 proposal (Authentication)

Negotiation mode: aggressive
My identifier: My IP address
Encryption algorithm: AES
Hash algorithm: SHA1
DH key group: 2
Authentication method: Pre-shared key



Phase 2 proposal (SA/Key Exchange)

Protocol: ESP
Encryption algorithms: 3DES; Blowfish; CAST 128; Rijndael (AES)
Hash algorithm: SHA1; MD5
PFS key group: 2



Pre-shared keys

Identifier: My email
Pre-shared key: My password

I created VPN policy using Nokia Configuration tool and had following settings:

Code:
General information

Policy name: Monowall
VPN gateway address: My monowall WAN address
IKE mode: IKEv1 aggressive
Authentication method: Pre-shared



IKE

Identity type: 1 - IPv4
Identity value: My monowall WAN ip
Remote ID type: option grayed out
Remote ID: option grayed out
EAP realm prefix: option grayed out



Preshared Key

Format: STRING_FORMAT
Key: My password

So any idea what might be wrong in these settings?

Vies
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines