[strongSwan] sonicwall with main mode
Martin Willi
martin at strongswan.org
Fri Feb 27 10:10:52 CET 2015
Hi,
> rightid=001122334455667788
> *IDir '62.43.189.77' does not match to '001122334455667788*'
Your Sonicwall uses '62.43.189.77' as its identity. Your strongSwan
configuration strictly requires '0011223344556677880' as defined by
rightid. Either change your Sonicwall or your strongSwan configuration
to define the same identity for the Sonicwall.
And the usual word of warning: Using psk + xauth is not recommended, as
you can't use different PSK secrets in Main Mode for different clients.
This allows any client to impersonate the gateway with that PSK.
Regards
Martin
More information about the Users
mailing list