[Swan] Trying to connect using libreswan to a Fortigate IPsec VPN
Dan Stromberg
dstromberg at keepersecurity.com
Tue Jul 13 04:04:59 UTC 2021
I just hit upon this way of getting ike-scan to talk to a Fortigate box:
+ ike-scan --multiline --dhgroup=5 --id=officelan --aggressive -v -v -v fortigate.example.com
DEBUG: pkt len=429 bytes, bandwidth=56000 bps, int=65285 us
Starting ike-scan 1.9.4 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
Host List:
Entry IP Address Cookie
1 1.1.1.1 79b5d29790b9681f
Total of 1 host entries.
...
--- Sending packet #1 to host entry 1 (50.231.18.186) tmo 500000 us
--- Received packet #1 from 50.231.18.186
50.231.18.186 Aggressive Mode Handshake returned
HDR=(CKY-R=9f722584cec7642d)
SA=(Enc=3DES Hash=SHA1 Auth=PSK Group=5:modp1536 LifeType=Seconds LifeDuration(4)=0x00007080)
KeyExchange(192 bytes)
Nonce(16 bytes)
ID(Type=ID_IPV4_ADDR, Value=50.231.18.186)
Hash(20 bytes)
VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0)
VID=09002689dfd6b712 (XAUTH)
VID=8299031757a36082c6a621de00000000
--- Removing host entry 1 (50.231.18.186) - Received 388 bytes
Ending ike-scan 1.9.4: 1 hosts scanned in 0.099 seconds (10.11 hosts/sec).
1 returned handshake; 0 returned notify
I've tried a number of things in the ike-scan invocation, but the last
thing I changed before it started behaving a little better was to add the
--dhgroup=5.
Does that help formulate some educated guesses?
Thanks!
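
Added example, not part of the original message and not ike-scan or libreswan code: a small parser that turns the SA and VID lines of the handshake above into the matching IKEv1 conn options. The ipsec.conf keywords (ikev2, aggressive, ike, authby, ikelifetime, leftxauthclient) are assumed to be those of a libreswan 4.x-era configuration, the function names are hypothetical, and only Auth=PSK is mapped.

```python
import re

# Constructed sample: SA and VID lines copied from the ike-scan output in the
# message, with the SA line still wrapped the way the mail wrapped it.
SAMPLE = """\
SA=(Enc=3DES Hash=SHA1 Auth=PSK Group=5:modp1536 LifeType=Seconds
LifeDuration(4)=0x00007080)
VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0)
VID=09002689dfd6b712 (XAUTH)
"""


def parse_sa(text):
    """Return the attributes of the first SA=(...) payload as a dict."""
    flat = " ".join(text.split())  # undo line wrapping
    # The payload ends at the first ')' followed by whitespace or end of input;
    # the ')' inside 'LifeDuration(4)=' is followed by '=' and is skipped.
    m = re.search(r"SA=\((.*?)\)(?=\s|$)", flat)
    if not m:
        raise ValueError("no SA payload found")
    attrs = {}
    for item in m.group(1).split():
        key, _, value = item.partition("=")
        attrs[re.sub(r"\(\d+\)$", "", key)] = value  # LifeDuration(4) -> LifeDuration
    return attrs


def to_libreswan(text, aggressive=True):
    """Map the transform the gateway accepted to ipsec.conf conn options."""
    sa = parse_sa(text)
    if sa["Auth"] != "PSK":
        raise ValueError("only Auth=PSK is mapped in this example")
    group = sa["Group"].split(":")[-1]  # 5:modp1536 -> modp1536
    opts = {
        "ikev2": "no",  # the handshake in the message is IKEv1
        "aggressive": "yes" if aggressive else "no",  # mirrors --aggressive
        "ike": f"{sa['Enc'].lower()}-{sa['Hash'].lower()};{group}",
        "authby": "secret",
    }
    if sa.get("LifeType") == "Seconds":
        opts["ikelifetime"] = f"{int(sa['LifeDuration'], 0)}s"  # hex or decimal
    if re.search(r"^VID=\S+ \(XAUTH\)", text, re.M):
        opts["leftxauthclient"] = "yes"  # gateway advertises XAUTH support
    return opts


if __name__ == "__main__":
    for key, value in to_libreswan(SAMPLE).items():
        print(f"    {key}={value}")
```

3DES, SHA1, modp1536 and aggressive-mode PSK are legacy parameters, so the result describes what this gateway accepted, not a proposal to prefer.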