Mailing List Archive: Problem using vpnc with fritzbox vpn

Problem using vpnc with fritzbox vpn - has anyone an Idea

Jan 9, 2013, 10:08 PM

Post #1 of 5 (4676 views)

Hallo,

Accessing my fritzbox with the Integrated Cisco Ipsec vpn Client on Mac
OS X 10.6.8 works without problems.

Now I tried the same with vpnc, and get the following error:

response was invalid [2]: (ISAKMP_N_INVALID_PAYLOAD_TYPE)(1)

The end of the trace generated with --debug 99 is:
...
(DPD)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)

PARSING PAYLOAD type: 00 (ISAKMP_PAYLOAD_NONE)
PARSE_OK
got ike lifetime attributes: 2147483 seconds
IKE SA selected psk+xauth-aes256-sha1
rejecting invalid payload type 11

The error does not change, regardless of IPSec secret, Xauth username
and password are correct or incorrect - only the change of
the IPSec ID will change behaviour.

I use a config file as follows:
IPSec gateway my_dyndns_name
IPSec ID myipsecid
IKE Authmode psk
IPSec secret mysecret
Xauth username myuname
Xauth password mypassword

IPSec ID and username are equal at the Moment for testing.

Regards
Thomas

WWW and Online Services
Technical University of Munich
Germany

_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/

Re: Problem using vpnc with fritzbox vpn - has anyone an Idea [ In reply to ]

ml at magickarpet

Jan 14, 2013, 4:38 AM

Post #2 of 5 (4563 views)

Permalink

On Thu, Jan 10, 2013 at 07:08:33AM +0100, t.mehlhart wrote:

Hi,

> IPSec gateway my_dyndns_name
> IPSec ID myipsecid
> IKE Authmode psk
> IPSec secret mysecret
> Xauth username myuname
> Xauth password mypassword

Could you try to remove the Xauth lines of your config file, and enter
the username/password at the prompt? Does this have any effect?

--
Étienne
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/

Re: Problem using vpnc with fritzbox vpn - has anyone an Idea [ In reply to ]

t.mehlhart at gmx

Jan 15, 2013, 10:53 PM

Post #3 of 5 (4559 views)

Permalink

Am 14.01.13 13:38, schrieb Étienne:
> On Thu, Jan 10, 2013 at 07:08:33AM +0100, t.mehlhart wrote:
>
> Hi,
>
>> IPSec gateway my_dyndns_name
>> IPSec ID myipsecid
>> IKE Authmode psk
>> IPSec secret mysecret
>> Xauth username myuname
>> Xauth password mypassword
> Could you try to remove the Xauth lines of your config file, and enter
> the username/password at the prompt? Does this have any effect?
>
No, it has no effect

Mistyped username and password have no effect as well (The debug looks
the same, just differnt times
and hexcodes) Even a mistyped IPSec secret has no effect.

Here some Ideas:

Might it be something like a problem, that some string/character
(example: newline instead of CR+NL ) is appendend to my
username/password ?

Is there any testserver, where I could test connecting, and afterwards
look at the debug - to exclude, that this is a Problem of
my Build.

Has anyone successfully tried to connect to the fritzbox with vpnc and
other Operating Systems (freebsd/linux ...) ?

_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/

Re: Problem using vpnc with fritzbox vpn - has anyone an Idea [ In reply to ]

ml at magickarpet

Jan 18, 2013, 10:57 AM

Post #4 of 5 (4585 views)

Permalink

On Wed, Jan 16, 2013 at 07:53:14AM +0100, t.mehlhart wrote:

> >>IPSec gateway my_dyndns_name
> >>IPSec ID myipsecid
> >>IKE Authmode psk
> >>IPSec secret mysecret
> >>Xauth username myuname
> >>Xauth password mypassword
> >Could you try to remove the Xauth lines of your config file, and enter
> >the username/password at the prompt? Does this have any effect?
> >
> No, it has no effect

I was just suggesting that because it did on my platform. Sorry it
didn't help.

> Has anyone successfully tried to connect to the fritzbox with vpnc
> and other Operating Systems (freebsd/linux ...) ?

I haven't got access to any fritzbox. If you really want to test, and if
you're trusting me enough, I can try on your fritzbox from OpenBSD, and
send you a debug log. Feel free to contact me privately.

--
Étienne
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/

Re: Problem using vpnc with fritzbox vpn - has anyone an Idea [ In reply to ]

t.mehlhart at gmx

Mar 12, 2013, 5:00 AM

Post #5 of 5 (4444 views)

Permalink

Sorry I did not respond for a long time.

I want to inform you all, that I reinstalled vpnc-517 some days ago -
and the Problem is now solved (I don´t know why) - vpnc works !

Thanks to you.

Thomas

Am 18.01.13 19:57, schrieb Étienne:
> On Wed, Jan 16, 2013 at 07:53:14AM +0100, t.mehlhart wrote:
>
>>>> IPSec gateway my_dyndns_name
>>>> IPSec ID myipsecid
>>>> IKE Authmode psk
>>>> IPSec secret mysecret
>>>> Xauth username myuname
>>>> Xauth password mypassword
>>> Could you try to remove the Xauth lines of your config file, and enter
>>> the username/password at the prompt? Does this have any effect?
>>>
>> No, it has no effect
> I was just suggesting that because it did on my platform. Sorry it
> didn't help.
>
>> Has anyone successfully tried to connect to the fritzbox with vpnc
>> and other Operating Systems (freebsd/linux ...) ?
> I haven't got access to any fritzbox. If you really want to test, and if
> you're trusting me enough, I can try on your fritzbox from OpenBSD, and
> send you a debug log. Feel free to contact me privately.
>

_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/