[strongSwan] syntax question about PSKs in ipsec.secrets (and Wiki)

Harald Dunkel harald.dunkel at aixigo.de
Thu Jul 12 07:58:29 CEST 2018

Hi folks,

https://wiki.strongswan.org/projects/strongswan/wiki/PskSecret shows several
examples for entries in ipsec.secrets with '@' at the begin of a FQDN. There
is no example for a PSK using FQDNs without '@'.

https://wiki.strongswan.org/projects/strongswan/wiki/IpsecSecrets does not
mention the '@' at the beginning of a FQDN at all. There is just a tiny hint
in the config manual (ipsec.conf) about using '@' to avoid a DNS lookup of
the leftid or rightid for strongswan < 5.0.

Which one is right? Is the '@' obsolete today? Apparently the PskSecret page
is pretty old.

Every helpful comment is highly appreciated

More information about the Users mailing list