Dial-up VPN

Mohammad Rizal Othman rizal at MIMOS.MY
Mon Dec 27 19:35:42 EST 1999


Patrick Ethier wrote:
>
> Hi Mohammed,
>
>  Are you sure that it doesn't support pre-shared secret??? Did you also try
> not specifying anything to see if that would work.? Last thing to try is to
> generate the certificate with PGPNet and then send it to OpenBSD....(If this
> is supported by PGPNet.)
>

That's what I'm trying to do since I couldn't use their certificate
generator (Net Tools PKI Server) due to ITAR.  You however might be able
to use it.

> The only other thing I can see here is that it is PGPNet that is not working
> here, the NO_PROPOSAL_CHOSEN is equivalent to BAD USERNAME OR PASSWORD.
>
> So, the x.509 and/or encryption schemes are definately the problem at this
> point,(You are not getting past Phase 1).
>
> IKE stands for Internet Key Exchange, ISAKMP is a variant of this. They are
> both used in Phase 1 and Phase 2. Phase 1 sets up IPSec tunnel between 2
> gateways, Phase 2 opens that tunnel to the networks behind the gateways, IKE
> manages the encryption keys for both processes.
>
> I'll have to download PGPNet and try it here. Can you give me the URL?
>

Sure.  http://www.nai.com/asp_set/products/tns/pgp_vpn.asp.  I on the
other hand will try Ashley Laurent's.

> Happy Holidays,
>
> Patrick Ethier
> patrick at secureops.com
>

--
,-----------------------------------------------------------------------.
> Mohammad Rizal Othman    |     If it doesn't work, force it.          <
>    rizal at mimos.my        |  If it breaks, it needed replacing anyway. <
`-----------------------------------------------------------------------'

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list