(no subject)

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

(no subject)

viswanadha, kamakshi
Hi !

I don't know, posting my question here appropriate or no.

I have a issue with Microsoft client using kerberos authentication.

 When I am testing ipsec with windows client.

During Phase1 negotiation of ipsec kerberos authentication is used.(We are
following the RFC A GSS-API Authentication Method for IKE)

1st every thing works fine .SAs get established.

Later when our server's password gets changed, ipsec negotiation fails.
Because windows client is still using the old ticket for our server.

Accept_sec_context at our server fails with error  "KRB5KRB_AP_ERR_MODIFIED"

Any help is appreciated.

Thanks & Regards.
Kerberos mailing list           [hidden email]