[strongSwan] Problems connecting with NAT-T, aggressive mode and PSK

Jakob Curdes jc at info-systems.de
Mon May 26 14:05:34 CEST 2014

What is wrong here?

> As your client is using aggressive mode, have you tried to set
> aggressive=yes in ipsec.conf?
> As responder, you also have to set the strongswan.conf option
> charon.i_dont_care_about_security_and_use_aggressive_mode_psk=yes
> to confirm you understand the security implications of such a setup, see
> [1].
Aargh. aggressive=yes did it. I was under the impression that once I 
"activated weakswan" in the strongswan.conf this would be enough and 
charon would detect aggressive mode by itself.
Thank you, best regards,

ps. once I have a full working config with the sarian MR4110 I will post 
it here for reference.

More information about the Users mailing list