[strongSwan] sonicwall with main mode

Martin Willi martin at strongswan.org
Fri Feb 27 10:10:52 CET 2015


> rightid=001122334455667788

> *IDir '' does not match to '001122334455667788*'

Your Sonicwall uses '' as its identity. Your strongSwan
configuration strictly requires '0011223344556677880' as defined by
rightid. Either change your Sonicwall or your strongSwan configuration
to define the same identity for the Sonicwall.

And the usual word of warning: Using psk + xauth is not recommended, as
you can't use different PSK secrets in Main Mode for different clients.
This allows any client to impersonate the gateway with that PSK.


More information about the Users mailing list