[strongSwan] strongswan xauth

Brian Zhao - 赵宪鹏 Brian.Zhao at zyxel.cn
Tue Mar 1 08:11:41 CET 2011

Hi All,

I have a question about strongswan xauth. When I use strongswan to get connection with a  VPN device, I always get this error"xauth miss match" in peer side, and cannot get connect with that device, I have capture packet, I find that it is because the phase I packet contains draft-beaulieu-ike-xauth-02.txt, so the peer side will consider it has xauth information(of course, it is not right), so will reject this connect.
I have check some documents, find thar when I configure the strongswan with "--disable-xauth-vid" this draft-beaulieu-ike-xauth-02.txt will disappear. So I want to check you, is this the perfect solution for this problem? This just disable the function of Xauth? And if I also need this function how can I do?

Thanks very much!!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: phase_I_.pcap
Type: application/octet-stream
Size: 478 bytes
Desc: phase_I_.pcap
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110301/e5c4c442/attachment.obj>

More information about the Users mailing list