[vpnc-devel] no response from target / hybrid auth does not read certificate
Christoph.Vedder at HS-Karlsruhe.de
Wed Sep 24 15:31:05 CEST 2008
I experience a strange situation when I try to connect to my vpn
There is no evidence that the concentrator certificate is loaded by vpnc.
When I start vpnc using the config below, it starts the tap device (which
stops acquiring an ip address after a very short time (1-2s))
and then vpnc aborts after 10-15s with "no response from target".
Let's talk about my system first.
I'm running XP x64 (AMD64) and have compiled vpnc 0.5.1 using cygwin
(2.573.2.2) and openssl support.
The current version of the openvpn tap drivers (184.108.40.206/2.1_rc11) are also
The concentrator I want to connect is the vpn concentrator of the university
which uses hybrid authentication.
As shown in other threads it is possible to use vpnc to connect to this
(sorry, german only:
My config looks like this:
IPSec ID vpn-split
IPSec gateway vpn.uni-karlsruhe.de
IPSec secret <sorry>
IKE Authmode hybrid
## To add your username and password,
## use the following lines:
Xauth username <sorry>
Interface name TAP-Win32-0901
Interface mode tap
Local Port 0
# Script /etc/vpnc/custom-script.sh
When I monitor vpnc using strace or sysinternals filemonitor, it doesn't
seem to access the CA-File.
And without the certificate it truely cannot connect to the vpn
I already checked the library dependencies using 'objdump -p' and
'depends.exe' and both show up the dependency to cyggcrypt-11.dll,
thus openssl should be available to vpnc, but why isn't it using the
I've attached a debug-3 output for convenience, but couldn't find any errors
Hope, you folks can find something I missed.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 15027 bytes
Desc: not available
Url : http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/attachments/20080924/bd6c85a1/attachment.obj
More information about the vpnc-devel