[strongSwan] IKEv1 PSK with group name?
tonytzhou at gmail.com
Fri May 3 18:00:26 CEST 2013
I suppose it's adding "aggressive=yes" into the section? I tried that
but strongswan gives out the same result...
Also, I did put enabling aggressive mode into strongswan.conf otherwise
it won't allow me to connect (log will say aggressive mode is disabled)
On 5/3/2013 11:40 AM, Martin Willi wrote:
>> 12[IKE] client.ip.address is initiating a Aggressive Mode IKE_SA
>> 12[CFG] looking for XAuthInitPSK peer configs matching server.ip.address...client.ip.address[group]
>> 12[IKE] no peer config found
> I don't see the "aggressive" keyword in your ipsec.conf. Have you set
> it? man ipsec.conf for details.
> Also, to support Aggressive Mode PSK as responder, you'll have to
> confirm you are aware of the security implications and enable "weakSwan"
> mode using
> in strongswan.conf, see that manpage for details.
More information about the Users