[strongSwan] IKEv1 PSK with group name?
Martin Willi
martin at strongswan.org
Fri May 3 17:40:41 CEST 2013
Hi,
> 12[IKE] client.ip.address is initiating a Aggressive Mode IKE_SA
> 12[CFG] looking for XAuthInitPSK peer configs matching server.ip.address...client.ip.address[group]
> 12[IKE] no peer config found
I don't see the "aggressive" keyword in your ipsec.conf. Have you set
it? man ipsec.conf for details.
Also, to support Aggressive Mode PSK as responder, you'll have to
confirm you are aware of the security implications and enable "weakSwan"
mode using
charon.i_dont_care_about_security_and_use_aggressive_mode_psk
in strongswan.conf, see that manpage for details.
Regards
Martin
More information about the Users
mailing list