
<html>

<head>

<style><!--

.hmmessage P

{

margin:0px;

padding:0px

}

body.hmmessage

{

font-size: 12pt;

font-family:Calibri

}

--></style></head>

<body class='hmmessage'><div dir='ltr'>btw I am using StrongSwan 5.0.0<br><br>-Neeraj<br><br><div><div id="SkyDrivePlaceholder"></div><hr id="stopSpelling">From: kaju09@live.in<br>To: edk@cendatsys.com; users@lists.strongswan.org<br>Date: Fri, 28 Sep 2012 16:58:53 +0530<br>Subject: Re: [strongSwan] Cannot do IKEv1/PSK Main Mode in Cisco ASA 5510<br><br>


<style><!--

.ExternalClass .ecxhmmessage P

{padding:0px;}

.ExternalClass body.ecxhmmessage

{font-size:12pt;font-family:Calibri;}


--></style>

<div dir="ltr"># ipsec.conf<br><br>config setup<br>    charondebug="dmn 1"<br><br>conn %default<br>  ikelifetime=60m<br>  keylife=20m<br>  rekeymargin=3m<br>  keyingtries=1<br>  keyexchange=ikev1<br>  aggressive=no<br>  type=tunnel<br>  dpdaction=clear<br>  dpddelay=60s<br><br><br>conn home<br>  left=%defaultroute<br>  xauth_identity=user<br>  leftid=@CiscoPSKCxnProfile<br>  xauth = client<br>  leftsourceip = %config<br>  leftauth=psk<br>  leftauth2=xauth<br>  leftfirewall=no<br>  right=111.222.333.444<br>  rightsubnet=192.168.0.0/16<br>  rightauth=psk<br>  ike=aes-sha-modp1024<br>  esp=aes-sha1-modp1024<br>  auto=start<br><br><br># the ipsec.secrets has the corresponding PSK and password for user<br><br>Do let me know if you see an issues?<br><br>-Neeraj<br><br><div><div id="ecxSkyDrivePlaceholder"></div><hr id="ecxstopSpelling">Subject: Re: [strongSwan] Cannot do IKEv1/PSK Main Mode in Cisco ASA 5510<br>From: edk@cendatsys.com<br>Date: Thu, 27 Sep 2012 08:53:40 -0500<br>To: kaju09@live.in; users@lists.strongswan.org<br><br><style><!--

.ExternalClass .ecxhmmessage P

{padding:0px;}

.ExternalClass body.ecxhmmessage

{font-size:12pt;font-family:Calibri;}


--></style>I just went through this same problem -- still struggling with routing but seem to habe the connection.<br>

<br>

What's the Cisco config and you ipsec.conf?<br><br><div class="ecxgmail_quote">Neeraj Sharma <kaju09@live.in> wrote:<blockquote class="ecxgmail_quote" style="padding-left:1ex">


<div dir="ltr">I tried doing this a couple of times and did succeed with configuring a StrongSwan client connecting to a Cisco ASA 5510 in IKEv1/PSK Main Mode. What works at present is the IKEv1/PSK Aggressive mode.<br> <br>I am no Cisco expert, so its possible (pointed by endre that it works as well over freenode #strongswan) that I am missing a Cisco ASA config. Any pointers (doc, etc) will be of great help.<br> <br>Thanks,<br>Neeraj<br>            </div>

<p style="margin-bottom:1em;border-bottom:1px solid #000"></p><pre style="white-space:pre-wrap;word-wrap:break-word;font-family:sans-serif"><hr><br>Users mailing list<br>Users@lists.strongswan.org<br><a href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a></pre></blockquote></div><br>

-- <br>

Sent from my Android phone with K-9 Mail. Please excuse my brevity.</div>                                           </div>

<br>_______________________________________________

Users mailing list

Users@lists.strongswan.org

https://lists.strongswan.org/mailman/listinfo/users</div>                                           </div></body>

</html>