[strongSwan] XAuth Vendor ID
Brian Zhao - 赵宪鹏
Brian.Zhao at zyxel.cn
Mon Mar 7 08:26:56 CET 2011
Thank you very much!
I am using strongswan-4.2.8, defined authby=secret, I don't know why it will contain this XAUTH. Maybe on later version will OK.
I also have some confuses, if I compiling with --disable-xauth-vid, does it means I also disable the XAUTH function? Then I configure authby=xauthpsk will cannot work well? If yes why we need XAUTH-vendor-id?
From: Andreas Steffen [mailto:andreas.steffen at strongswan.org]
Sent: 2011年3月7日 14:48
To: Brian Zhao - 赵宪鹏
Cc: users at lists.strongswan.org
Subject: Re: [strongSwan] XAuth Vendor ID
strongSwan never sends XAUTH proposals on its own if you don't
authby=xauthrsasig or authby=xauthpsk
the default being authby=rsasig.
But if you think that your peer is disturbed by the XAUTH
Vendor ID, you can suppress it by compiling strongSwan with
On 07.03.2011 03:40, Brian Zhao - 赵宪鹏 wrote:
> Hi All,
> I have met a problem when use strongswan connect to another VPN device.
> Because strongswan will send a packet which contain contains
> draft-beaulieu-ike-xauth-02.txt information in phase 1, this information
> will cause other side check XAuth match and feedback an error message
> “NO-PROPOSAL-CHOSEN”. So I want to check you, it is strongswan’s problem
> or other side’s problem? Does the other side should just ignore this
> XAuth Vendor ID? I think this XAuth Vendor ID should not carry because I
> have not used XAuth. But the other side also should don’t care
> this(indeed most of VPN device did, only a few will check XAuth when
> receive packet contain draft-beaulieu-ike-xauth-02.txt)
> Could any one can give me some suggestion or information about this?
> Thanks very much!
> Best regards,
> msn:brian_zhao1987 at hotmail.com
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
More information about the Users