Le 14/07/2012 15:12, Lars Wilke a écrit :
Hi,
Hi,
i have an older Debian 5.0.10 system with fwknop-server 1.9.12-3
running. Prior to the upgrade of the fwknop-client everything worked fine.
Now with the new C client in testing the combo of this fwknop server and
client does not work. On the server nothing changed and the client is
called like this:
fwknop -A tcp/22 --server-port<port> -D<host> -s
the packet is generated and the fwknop server sees the package and
reports (when started with --debug)
Fri Jul 13 00:21:14 2012 [-] Digest alg mis-match.
Fri Jul 13 00:21:14 2012 [-] Key mis-match or broken message checksum for
SOURCE ANY (# 2 in access.conf)
Fri Jul 13 00:21:14 2012 [-] Decrypted message does not conform to a valid SPA
packet.
Any ideas what could be wrong, especially since upstream claims the new
client is compatible with the perl server.
I gave it a try and it works for me :(
I used a fwknop-server (1.9.12-2 on squeeze) and a fwknop-client
(2.0.0rc2-2 on sid) with a Rijndael block cipher.
Jul 17 21:39:52 svr-linux5 fwknopd: received valid Rijndael encrypted
packet from: 192.168.10.194, remote user: franck, client version: 1.9.12
(SOURCE line num: 26)
Jul 17 21:39:52 svr-linux5 fwknopd: add FWKNOP_INPUT 192.168.10.194 ->
0.0.0.0/0(tcp/22) ACCEPT rule 30 sec
May I have your fwknopd.conf file to restart my server with your
settings and give it another try?
Regards,
--
Franck
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
