[strongSwan] FW: Win7 machine certificate connection failing
Noel Kuntze
noel at familie-kuntze.de
Thu Jul 18 21:26:47 CEST 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hello Gregg,
I think the reason for that is, that you quoted the passphrase. Remove
the quotes and try again.
Perhaps this will help.
Regards,
Noel
Am 18.07.2013 21:02, schrieb Gregg Hughes:
> I wanted to update the information here with results from some config
> changes.
>
> I added/reconfigured the ipsec.conf to have an EAP-MSCHAPV2 connection
> available, then changed the information on the Windows client side to use
> EAP when making the connection. Here's the syslog output:
>
>
> --------------Clip from syslog------------------
>
> Jul 17 13:41:40 strongswan1 charon: 16[CFG] received stroke: delete
> connection 'net-net'
> Jul 17 13:41:40 strongswan1 charon: 16[CFG] deleted connection 'net-net'
> Jul 17 13:41:40 strongswan1 charon: 04[CFG] received stroke: delete
> connection 'rw'
> Jul 17 13:41:40 strongswan1 charon: 04[CFG] deleted connection 'rw'
> Jul 17 13:41:40 strongswan1 charon: 07[CFG] received stroke: delete
> connection 'rw2'
> Jul 17 13:41:40 strongswan1 charon: 07[CFG] deleted connection 'rw2'
> Jul 17 13:41:40 strongswan1 charon: 05[CFG] received stroke: delete
> connection 'rw-eap'
> Jul 17 13:41:40 strongswan1 charon: 05[CFG] deleted connection 'rw-eap'
> Jul 17 13:41:40 strongswan1 charon: 16[CFG] received stroke: add
connection
> 'net-net'
> Jul 17 13:41:40 strongswan1 charon: 16[CFG] added configuration 'net-net'
> Jul 17 13:41:40 strongswan1 charon: 16[CFG] received stroke: add
connection
> 'rw'
> Jul 17 13:41:40 strongswan1 charon: 16[CFG] added configuration 'rw'
> Jul 17 13:41:40 strongswan1 charon: 16[CFG] received stroke: add
connection
> 'rw2'
> Jul 17 13:41:40 strongswan1 charon: 16[CFG] loaded certificate "C=US,
> ST=Wisconsin, O=ISC International, Ltd., CN=strongswan1" from 'cacert.pem'
> Jul 17 13:41:40 strongswan1 charon: 16[CFG] id '192.168.91.163' not
> confirmed by certificate, defaulting to 'C=US, ST=Wisconsin, O=ISC
> International, Ltd., CN=strongswan1'
> Jul 17 13:41:40 strongswan1 charon: 16[CFG] added configuration 'rw2'
> Jul 17 13:41:40 strongswan1 charon: 07[CFG] received stroke: add
connection
> 'rw-eap'
> Jul 17 13:41:40 strongswan1 charon: 07[CFG] loaded certificate "C=US,
> ST=Wisconsin, O=ISC International, Ltd., CN=strongswan1" from 'cacert.pem'
> Jul 17 13:41:40 strongswan1 charon: 07[CFG] id '192.168.91.163' not
> confirmed by certificate, defaulting to 'C=US, ST=Wisconsin, O=ISC
> International, Ltd., CN=strongswan1'
> Jul 17 13:41:40 strongswan1 charon: 07[CFG] added configuration 'rw-eap'
> Jul 17 13:42:46 strongswan1 charon: 11[NET] received packet: from
> 192.168.91.166[500] to 192.168.91.163[500]
> Jul 17 13:42:46 strongswan1 charon: 11[ENC] parsed IKE_SA_INIT request 0 [
> SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
> Jul 17 13:42:46 strongswan1 charon: 11[IKE] 192.168.91.166 is
initiating an
> IKE_SA
> Jul 17 13:42:46 strongswan1 charon: 11[IKE] sending cert request for
"C=US,
> ST=Wisconsin, O=ISC International, Ltd., CN=strongswan1"
> Jul 17 13:42:46 strongswan1 charon: 11[ENC] generating IKE_SA_INIT
response
> 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
> Jul 17 13:42:46 strongswan1 charon: 11[NET] sending packet: from
> 192.168.91.163[500] to 192.168.91.166[500]
> Jul 17 13:42:46 strongswan1 charon: 14[NET] received packet: from
> 192.168.91.166[4500] to 192.168.91.163[4500]
> Jul 17 13:42:46 strongswan1 charon: 14[ENC] unknown attribute type
> INTERNAL_IP4_SERVER
> Jul 17 13:42:46 strongswan1 charon: 14[ENC] unknown attribute type
> INTERNAL_IP6_SERVER
> Jul 17 13:42:46 strongswan1 charon: 14[ENC] parsed IKE_AUTH request 1
[ IDi
> CERTREQ N(MOBIKE_SUP) CP(ADDR DNS NBNS SRV ADDR6 DNS6 SRV6) SA TSi TSr ]
> Jul 17 13:42:46 strongswan1 charon: 14[IKE] received cert request for
"C=US,
> ST=Wisconsin, O=ISC International, Ltd., CN=strongswan1"
> Jul 17 13:42:46 strongswan1 charon: 14[IKE] received 8 cert requests
for an
> unknown ca
> Jul 17 13:42:46 strongswan1 charon: 14[CFG] looking for peer configs
> matching 192.168.91.163[%any]...192.168.91.166[192.168.91.166]
> Jul 17 13:42:46 strongswan1 charon: 14[CFG] selected peer config 'rw'
> Jul 17 13:42:46 strongswan1 charon: 14[IKE] peer requested EAP, config
> inacceptable
> Jul 17 13:42:46 strongswan1 charon: 14[CFG] switching to peer config 'rw2'
> Jul 17 13:42:46 strongswan1 charon: 14[IKE] peer requested EAP, config
> inacceptable
> Jul 17 13:42:46 strongswan1 charon: 14[CFG] switching to peer config
> 'rw-eap'
> Jul 17 13:42:46 strongswan1 charon: 14[IKE] using configured EAP-Identity
> gregg
> Jul 17 13:42:46 strongswan1 charon: 14[IKE] initiating EAP_MSCHAPV2 method
> (id 0x77)
> Jul 17 13:42:46 strongswan1 charon: 14[IKE] peer supports MOBIKE
> Jul 17 13:42:46 strongswan1 charon: 14[IKE] no private key found for
'C=US,
> ST=Wisconsin, O=ISC International, Ltd., CN=strongswan1'
> Jul 17 13:42:46 strongswan1 charon: 14[ENC] generating IKE_AUTH
response 1 [
> N(AUTH_FAILED) ]
> Jul 17 13:42:46 strongswan1 charon: 14[NET] sending packet: from
> 192.168.91.163[4500] to 192.168.91.166[4500]
> Jul 17 13:43:35 strongswan1 dhclient: DHCPREQUEST of 192.168.91.163 on
eth0
> to 192.168.91.254 port 67
> Jul 17 13:43:35 strongswan1 dhclient: DHCPACK of 192.168.91.163 from
> 192.168.91.254
> Jul 17 13:43:35 strongswan1 dhclient: bound to 192.168.91.163 --
renewal in
> 692 seconds.
>
> On the client side, I get the dreaded "Error 13801 IKE authentication
> credentials are unacceptable." and the connection halts. It looks
like the
> EAP is clearing but the cacert isn't clearing the Windows client.
I've used
> seven different methods to create and re-create the self-signed CA and
> certificate - openssl, the ipsec pki tool, the OpenVPN tools and
probably a
> couple others I tried. I edited the openssl.cnf each time to try and add
> the extended key usage and the gateway name in the CN and/or the
> subjectAltName - with no luck. I did find that removing the leftid didn't
> help, nor did specifying the EAP user.
>
> It really appears that the connection is hanging on the server
certificate.
> I'm *this close* to getting this connection down - and I'm pretty sure
it's
> a certificate problem. If anyone has some suggestions on where to look
> next, I'd really appreciate it!
>
> Config files:
>
>
> ---------ipsec.conf-------------
> # ipsec.conf - strongSwan1 IPsec configuration file
>
> # basic configuration
>
> config setup
> # plutodebug=all
> # crlcheckinterval=180
> # strictcrlpolicy=no
> # cachecrls=yes
> # nat_traversal=yes
> charonstart=yes
> plutostart=no
>
> # Add connections here.
>
> conn %default
> ikelifetime=60m
> keylife=20m
> rekeymargin=3m
> keyingtries=1
> # authby=secret
> keyexchange=ikev2
> # mobike=no
>
>
> conn net-net
> left=192.168.91.163
> leftsubnet=10.1.0.0/16
> leftid=@strongswan1
> leftfirewall=yes
> right=192.168.91.160
> rightsubnet=10.2.0.0/16
> rightid=@strongswan2
> auto=add
>
> conn rw
> left=192.168.91.163
> leftsubnet=10.1.0.0/16
> leftfirewall=yes
> authby=secret
> right=%any
> auto=add
>
> conn rw2
> left=192.168.91.163
> leftsubnet=10.1.0.0/16
> # leftid=@strongswan1
> leftcert=cacert.pem
> leftfirewall=yes
> right=%any
> keyexchange=ikev2
> auto=add
>
> conn rw-eap
> left=192.168.91.163
> leftsubnet=10.1.0.0/16
> # leftid=@strongswan1
> leftcert=cacert.pem
> leftauth=pubkey
> leftfirewall=yes
> right=%any
> rightauth=eap-mschapv2
> rightsendcert=never
> eap_identity=gregg
> auto=add
>
> include /var/lib/strongswan/ipsec.conf.inc
>
>
> ---------ipsec.secrets---------
> : RSA cakey.pem "newcapassword"
>
> 192.168.91.165 : PSK 1234567890
>
> 192.168.91.154 : PSK 1234567890
>
> gregg : EAP "1234567890"
>
> include /var/lib/strongswan/ipsec.secrets.inc
>
> Thanks to all!
>
> ---------------------------------------------------------------
>
>
> -----Original Message-----
> From: Gregg Hughes [mailto:ghughes at iscinternational.com]
> Sent: Wednesday, July 10, 2013 4:41 PM
> To: 'Paton, Andy'
> Cc: 'users at lists.strongswan.org'
> Subject: RE: [strongSwan] Win7 machine certificate connection failing
>
> Hi, Andy!
>
> Thanks for the quick response - it's good to know there's help out
there for
> new folks.....
>
> The CA key was generated like so:
> openssl genrsa -des3 -out private/cakey.pem 4096 I added a password
> for the key. Not much of one, but a password.
>
> Created CA Root Certificate
> openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days
> 3650 -set_serial 0 Asked some questions:
> Country Name US
> State or Porvince Name Wisconsin
> Locality Name Milwaukee
> Organization Name ISC International, Ltd.
> Organizational Unit .
> Common name strongswan1
> Email Address ghughes [at]
> iscinternational.com
> ....and I got my cert.
>
> I added the requirements to the openssl.cnf file for extendedKeyUsage and
> for a subjectAltName, following a document here:
> http://wiki.strongswan.org/projects/strongswan/wiki/Win7CertReq
>
> Oddly enough, when I do an "ipsec listcerts" I get nothing, even though
> syslog shows the certificates being loaded correctly.
>
> Let me know other information you might need (and where to look for
it) - I
> probably haven't completely fulfilled your request.
>
> Thanks!
>
> Gregg
>
>
> -----Original Message-----
> From: Paton, Andy [mailto:andy.paton at hp.com]
> Sent: Wednesday, July 10, 2013 4:13 PM
> To: Gregg Hughes
> Cc: users at lists.strongswan.org
> Subject: Re: [strongSwan] Win7 machine certificate connection failing
>
> Can you post details of your certificates. Both the machine cert for the
> gateway and the device cert?
>
> --
> Andrew Paton
>
>
>
> On 10 Jul 2013, at 21:55, "Gregg Hughes"
> <ghughes at iscinternational.com<mailto:ghughes at iscinternational.com>> wrote:
>
> Good afternoon, all!
>
> I've been working on getting a Strongswan installation running on a VMware
> Workstation test platform. The server is Ubuntu Server 12.04 with
> Strongswan 4.5.2 from the Ubuntu repository.
> I've been able to get a net-net test config to work, but have had trouble
> with a roadwarrior config. I think it's a problem with certificates
because
> I get "Error 13801: IKE authentication credentials are unacceptable", so I
> know the client is reaching the server and trying to get in.
>
>
> I followed the examples listed here, working on an X.509 machine
certificate
> to start: http://wiki.strongswan.org/projects/strongswan/wiki/Windows7 I
> used the multiple client configs and the instructions on importing
> certificates into Win7.
>
> All certs were generated and signed on the strongswan server and are
in the
> proper directories under /etc/ipsec.d. Content of ipsec.conf and
greps from
> auth.log and syslog also.
>
> I confess to being at a loss as to why I am still getting the Error 13801
> after several hours troubleshooting.
>
> Thanks in advance!
>
>
>
> Gregg
>
>
>
> # ipsec.conf - strongSwan1 IPsec configuration file
>
> # basic configuration
>
> config setup
> # plutodebug=all
> # crlcheckinterval=180
> # strictcrlpolicy=no
> # cachecrls=yes
> # nat_traversal=yes
> charonstart=yes
> plutostart=no
>
> # Add connections here.
>
> conn %default
> ikelifetime=60m
> keylife=20m
> rekeymargin=3m
> keyingtries=1
> # authby=secret
> keyexchange=ikev2
> # mobike=no
>
>
> conn net-net
> left=192.168.91.163
> leftsubnet=10.1.0.0/16
> leftid=@strongswan1
> leftfirewall=yes
> right=192.168.91.160
> rightsubnet=10.2.0.0/16
> rightid=@strongswan2
> auto=add
>
> conn Win7
> left=%defaultroute
> # leftcert=cacert.pem
> leftsubnet=10.1.0.0/16
> leftid=strongswan1
> right=%any
> rightsourceip=192.168.93.0/24
> # rightauth=eap-mschapv2
> # rightsendcert=never
> # eap_identity=%any
> # rightcert=client1cert.pem
> # keyexchange=ikev2
> auto=add
>
> include /var/lib/strongswan/ipsec.conf.inc
>
>
> ----------------------------------------
> auth.log cuts
>
> Jul 10 15:20:28 strongswan1 charon: 03[IKE] 192.168.91.166 is
initiating an
> IKE_SA Jul 10 15:21:51 strongswan1 ipsec_starter[1606]: charon stopped
after
> 200 ms Jul 10 15:21:54 strongswan1 ipsec_starter[1641]: charon (1667)
> started after 60 ms Jul 10 15:23:02 strongswan1 ipsec_starter[1641]:
charon
> stopped after 200 ms Jul 10 15:23:25 strongswan1 ipsec_starter[931]:
charon
> (939) started after 1120 ms Jul 10 15:32:19 strongswan1
ipsec_starter[999]:
> charon (1003) started after 1060 ms Jul 10 15:32:43 strongswan1 charon:
> 13[IKE] 192.168.91.166 is initiating an IKE_SA
>
>
> --------------------------------------------
> syslog cuts
>
> Jul 10 15:32:20 strongswan1 charon: 00[DMN] Starting IKEv2 charon daemon
> (strongSwan 4.5.2) Jul 10 15:32:19 strongswan1 charon: 00[KNL]
listening on
> interfaces:
> Jul 10 15:32:19 strongswan1 charon: 00[KNL] eth0
> Jul 10 15:32:19 strongswan1 charon: 00[KNL] 192.168.91.163
> Jul 10 15:32:19 strongswan1 charon: 00[KNL] fe80::20c:29ff:fecd:2c6b
> Jul 10 15:32:19 strongswan1 charon: 00[KNL] eth1
> Jul 10 15:32:19 strongswan1 charon: 00[KNL] 10.1.0.1
> Jul 10 15:32:19 strongswan1 charon: 00[KNL] fe80::20c:29ff:fecd:2c75
> Jul 10 15:32:19 strongswan1 charon: 00[CFG] loading ca certificates from
> '/etc/ipsec.d/cacerts'
> Jul 10 15:32:19 strongswan1 charon: 00[CFG] loaded ca certificate "C=US,
> ST=Wisconsin, L=Milwaukee, O=ISC International, Ltd., CN=strongswan1,
> E=ghughes at iscinternational.com<http://iscinternational.com>" from
> '/etc/ipsec.d/cacerts/cacert.pem'
> Jul 10 15:32:19 strongswan1 charon: 00[CFG] loading aa certificates from
> '/etc/ipsec.d/aacerts'
> Jul 10 15:32:19 strongswan1 charon: 00[CFG] loading ocsp signer
certificates
> from '/etc/ipsec.d/ocspcerts'
> Jul 10 15:32:19 strongswan1 charon: 00[CFG] loading attribute certificates
> from '/etc/ipsec.d/acerts'
> Jul 10 15:32:19 strongswan1 charon: 00[CFG] loading crls from
> '/etc/ipsec.d/crls'
> Jul 10 15:32:19 strongswan1 charon: 00[CFG] loading secrets from
> '/etc/ipsec.secrets'
> Jul 10 15:32:19 strongswan1 charon: 00[CFG] loaded RSA private key from
> '/etc/ipsec.d/private/cakey.pem'
> Jul 10 15:32:19 strongswan1 charon: 00[CFG] expanding file expression
> '/var/lib/strongswan/ipsec.secrets.inc' failed Jul 10 15:32:19 strongswan1
> charon: 00[CFG] sql plugin: database URI not set Jul 10 15:32:19
strongswan1
> charon: 00[LIB] plugin 'sql': failed to load - sql_plugin_create returned
> NULL Jul 10 15:32:19 strongswan1 charon: 00[CFG] loaded 0 RADIUS server
> configurations Jul 10 15:32:19 strongswan1 charon: 00[LIB] plugin 'medsrv'
> failed to load: /usr/lib/ipsec/plugins/libstrongswan-medsrv.so: cannot
open
> shared object file: No such file or directory Jul 10 15:32:19 strongswan1
> charon: 00[CFG] mediation client database URI not defined, skipped Jul 10
> 15:32:19 strongswan1 charon: 00[LIB] plugin 'medcli': failed to load -
> medcli_plugin_create returned NULL Jul 10 15:32:19 strongswan1 charon:
> 00[LIB] plugin 'nm' failed to load:
> /usr/lib/ipsec/plugins/libstrongswan-nm.so: cannot open shared object
file:
> No such file or directory Jul 10 15:32:19 strongswan1 charon: 00[CFG] HA
> config misses local/remote address Jul 10 15:32:19 strongswan1 charon:
> 00[LIB] plugin 'ha': failed to load - ha_plugin_create returned NULL
Jul 10
> 15:32:19 strongswan1 charon: 00[DMN] loaded plugins: test-vectors curl
ldap
> aes des sha1 sha2 md5 random x509 revocation constraints pubkey pkcs1 pgp
> pem openssl fips-prf gmp agent pkcs11 xcbc hmac ctr ccm gcm attr
> kernel-netlink resolve socket-raw farp stroke updown eap-identity eap-aka
> eap-md5 eap-gtc eap-mschapv2 eap-radius eap-tls eap-ttls eap-tnc dhcp led
> addrblock Jul 10 15:32:19 strongswan1 charon: 00[JOB] spawning 16 worker
> threads Jul 10 15:32:19 strongswan1 charon: 05[CFG] received stroke: add
> connection 'net-net'
> Jul 10 15:32:19 strongswan1 charon: 05[CFG] added configuration 'net-net'
> Jul 10 15:32:19 strongswan1 charon: 10[CFG] received stroke: add
connection
> 'Win7'
> Jul 10 15:32:19 strongswan1 charon: 10[CFG] added configuration 'Win7'
> Jul 10 15:32:19 strongswan1 charon: 10[CFG] adding virtual IP address pool
> 'Win7': 192.168.93.0/24 Jul 10 15:32:43 strongswan1 charon: 13[NET]
received
> packet: from 192.168.91.166[500] to 192.168.91.163[500] Jul 10 15:32:43
> strongswan1 charon: 13[ENC] parsed IKE_SA_INIT request 0 [ SA KE No
> N(NATD_S_IP) N(NATD_D_IP) ] Jul 10 15:32:43 strongswan1 charon: 13[IKE]
> 192.168.91.166 is initiating an IKE_SA Jul 10 15:32:43 strongswan1 charon:
> 13[IKE] sending cert request for "C=US, ST=Wisconsin, L=Milwaukee, O=ISC
> International, Ltd., CN=strongswan1, E=ghughes at
> iscinternational.com<http://iscinternational.com>"
> Jul 10 15:32:43 strongswan1 charon: 13[ENC] generating IKE_SA_INIT
response
> 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ] Jul 10
> 15:32:43 strongswan1 charon: 13[NET] sending packet: from
> 192.168.91.163[500] to 192.168.91.166[500] Jul 10 15:32:43 strongswan1
> charon: 14[NET] received packet: from 192.168.91.166[4500] to
> 192.168.91.163[4500] Jul 10 15:32:43 strongswan1 charon: 14[ENC] unknown
> attribute type INTERNAL_IP4_SERVER Jul 10 15:32:43 strongswan1 charon:
> 14[ENC] unknown attribute type INTERNAL_IP6_SERVER Jul 10 15:32:43
> strongswan1 charon: 14[ENC] parsed IKE_AUTH request 1 [ IDi CERT CERTREQ
> AUTH N(MOBIKE_SUP) CP(ADDR DNS NBNS SRV ADDR6 DNS6 SRV6) SA TSi TSr ]
Jul 10
> 15:32:43 strongswan1 charon: 14[IKE] received cert request for "C=US,
> ST=Wisconsin, L=Milwaukee, O=ISC International, Ltd., CN=strongswan1,
> E=ghughes at iscinternational.com<http://iscinternational.com>"
> Jul 10 15:32:43 strongswan1 charon: 14[IKE] received 8 cert requests
for an
> unknown ca Jul 10 15:32:43 strongswan1 charon: 14[IKE] received end entity
> cert "C=US, ST=Wisconsin, O=ISC International, Ltd., CN=strongswan1,
> E=ghughes at iscinternational.com<http://iscinternational.com>"
> Jul 10 15:32:43 strongswan1 charon: 14[CFG] looking for peer configs
> matching 192.168.91.163[%any]...192.168.91.166[C=US, ST=Wisconsin, O=ISC
> International, Ltd., CN=strongswan1, E=ghughes at
> iscinternational.com<http://iscinternational.com>]
> Jul 10 15:32:43 strongswan1 charon: 14[CFG] selected peer config 'Win7'
> Jul 10 15:32:43 strongswan1 charon: 14[CFG] using certificate "C=US,
> ST=Wisconsin, O=ISC International, Ltd., CN=strongswan1, E=ghughes at
> iscinternational.com<http://iscinternational.com>"
> Jul 10 15:32:43 strongswan1 charon: 14[CFG] using trusted ca certificate
> "C=US, ST=Wisconsin, L=Milwaukee, O=ISC International, Ltd.,
CN=strongswan1,
> E=ghughes at iscinternational.com<http://iscinternational.com>"
> Jul 10 15:32:43 strongswan1 charon: 14[CFG] checking certificate status of
> "C=US, ST=Wisconsin, O=ISC International, Ltd., CN=strongswan1,
E=ghughes at
> iscinternational.com<http://iscinternational.com>"
> Jul 10 15:32:43 strongswan1 charon: 14[CFG] certificate status is not
> available
> Jul 10 15:32:43 strongswan1 charon: 14[CFG] reached self-signed root ca
> with a path length of 0
> Jul 10 15:32:43 strongswan1 charon: 14[IKE] authentication of 'C=US,
> ST=Wisconsin, O=ISC International, Ltd., CN=strongswan1, E=ghughes at
> iscinternational.com<http://iscinternational.com>' with RSA signature
> successful Jul 10 15:32:43 strongswan1 charon: 14[IKE] peer supports
MOBIKE
> Jul 10 15:32:43 strongswan1 charon: 14[IKE] no private key found for
> 'strongswan1'
> Jul 10 15:32:43 strongswan1 charon: 14[ENC] generating IKE_AUTH
response 1 [
> N(AUTH_FAILED) ] Jul 10 15:32:43 strongswan1 charon: 14[NET] sending
packet:
> from 192.168.91.163[4500] to 192.168.91.166[4500]
>
>
> Gregg Hughes
> IT Administrator
> www.iscinternational.com<http://www.iscinternational.com>
> 414.721.0301 phone
> 262.313.3106 fax
>
>
>
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org<mailto:Users at lists.strongswan.org>
> https://lists.strongswan.org/mailman/listinfo/users
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCgAGBQJR6EF3AAoJEDg5KY9j7GZYvBAP/jxg29w70AEho2tlulyMbn5P
sPs4Sef9cx4ogVo4wne3mrjCI3bZunIzssPisntAZ4ECrnYoDjAnVyau8rqB1m6z
c5PxKTorQl59MBrODfmZgZydMbd6vfmsCGpeh4ktx0i9u+4pEXTVoV5fCfUj7R69
IQbrUjtX6CJNYDUPkYj+03CyoorTg6oRkkQ2jyG3YSGVjnrQtWIvXvnzkWJDuJ6d
WRfXrQobvG4+wDN2/9t+2Z0e3z5XaCZG5UUamM3A9mL6L78lsUA1DiCY4/WDn/c1
al6U9cuLKmg6Vh7xaEKV16IYO7P9dK6vtKDsVMbgYTpepBpj2TzhDFuLW22h2xC+
33hVzauPY94k42wWKKKoaKA77Txkc54A4jyY9cMEb9TW6r9avYFQV2k8g9Ytqjw7
14Hf+3z3PHnplD8G80wsx31Baten7JHBkBMDLQciruawkwkj9Cyq/xauFvmqi2Tc
922Z9i6PMRCfzBELDMzCEeG6fXFfWt2arTIY8JJApEcOSLv8Wm8/UJJNWC/LfwOa
AUd07NYsVxBT28RhottVf+7G/aD9kBP23KLlYG4uPbySwiwndivObV8Zk6tXE5+r
6V5l1RoQZlefwhbOTWX1gT39Dn4w9grEMOGytmogR+OYn55N18Kbtz2VRTC4clcE
TFHj45v9w/LsX+8FoEln
=y/3Y
-----END PGP SIGNATURE-----
More information about the Users
mailing list