• VMware

    Learn about VMware virtualization for its products like vsphere ESX and ESXi, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

  • Life always offers you a second chance ... Its called tomorrow !!!

    Wednesday, October 10, 2012

    How to Fix "192-SHA1(2)_160 pfsgroup=no-pfs"

    This is a error related to openswan configuration. Once you have up and running ipsec, while trying to connect to sonicwall vpn you might get this error.

    002 "sonicwall" #2: initiating Quick Mode
    PSK+ENCRYPT+TUNNEL+UP+AGGRESSIVE+IKEv2ALLOW+SAREFTRACK {using isakmp#1 msgid:a0d6gf93 proposal=3DES(3)_192-SHA1(2)_160 pfsgroup=no-pfs}
    117 "sonicwall" #2: STATE_QUICK_I1: initiate
    010 "sonicwall" #2: STATE_QUICK_I1: retransmission; will wait 20s for response

    Check your ipsec.conf file and lookout for this parameter
    # vi /etc/ipsec.conf

    Make sure the pfs=yes
    and restart your ipsec services
    # service ipsec restart
    # ipsec auto --replace sonicwall
    # ipsec whack --name sonicwall --initiate

    It should show something like this if connected successfully
    004 "sonicwall" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x85c33bdf <0xa66ae231 xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none DPD=none}

    Check your vpn connection if you are able to ping the VPN local LAN network.

    For complete configuration steps of openswan in RedHat5 with screenshots follow this page
    openswan configuration in RedHat5

    Follow the below links for more tutorials

    Tutorial for Monitoring Tools SAR and KSAR with examples in Linux
    How to configure Samba 4 Secondary Domain Controller
    How does a DNS query works when you type a URL on your browser?
    How to secure Apache web server in Linux using password (.htaccess)
    How to register Red Hat Linux with RHN (Red Hat Network )
    Red hat Enterprise Linux 5.5 Installation Guide (Screenshots)
    15 tips to enhance security of your Linux machine
    Why is Linux more secure than windows and any other OS
    What is the difference between "su" and "su -" in Linux?
    What is swappiness and how do we change its value?
    How to log iptables messages in different log file
    What are the s and k scripts in the etc rcx.d directories
    How to check all the currently running services in Linux
    How to auto start service after reboot in Linux
    What is virtual memory, paging and swap space?


    Post a Comment