Dial-up VPN
Mohammad Rizal Othman
rizal at MIMOS.MY
Mon Dec 27 19:35:42 EST 1999
Patrick Ethier wrote:
>
> Hi Mohammed,
>
> Are you sure that it doesn't support pre-shared secret??? Did you also try
> not specifying anything to see if that would work.? Last thing to try is to
> generate the certificate with PGPNet and then send it to OpenBSD....(If this
> is supported by PGPNet.)
>
That's what I'm trying to do since I couldn't use their certificate
generator (Net Tools PKI Server) due to ITAR. You however might be able
to use it.
> The only other thing I can see here is that it is PGPNet that is not working
> here, the NO_PROPOSAL_CHOSEN is equivalent to BAD USERNAME OR PASSWORD.
>
> So, the x.509 and/or encryption schemes are definately the problem at this
> point,(You are not getting past Phase 1).
>
> IKE stands for Internet Key Exchange, ISAKMP is a variant of this. They are
> both used in Phase 1 and Phase 2. Phase 1 sets up IPSec tunnel between 2
> gateways, Phase 2 opens that tunnel to the networks behind the gateways, IKE
> manages the encryption keys for both processes.
>
> I'll have to download PGPNet and try it here. Can you give me the URL?
>
Sure. http://www.nai.com/asp_set/products/tns/pgp_vpn.asp. I on the
other hand will try Ashley Laurent's.
> Happy Holidays,
>
> Patrick Ethier
> patrick at secureops.com
>
--
,-----------------------------------------------------------------------.
> Mohammad Rizal Othman | If it doesn't work, force it. <
> rizal at mimos.my | If it breaks, it needed replacing anyway. <
`-----------------------------------------------------------------------'
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list