[Openswan Users] RSA and RSA with XAUTH at the same machine?
Paul Wouters
paul at xelerance.com
Mon Dec 15 17:13:05 EST 2008
On Mon, 15 Dec 2008, harald.meyer7 at freenet.de wrote:
>> You might be able to work around it using aggressive mode on the xauth
>> connection.
>
> I'm not sure if I understand you.
>
> i. Aggressive Mode is better known als MITM Mode, I think. Am I right?
> Agg. M. perhaps only works with PSKs?
>
> ii. Isn't there the same problem: no combination of RSASIG/Main Mode and
> Aggressive Mode at the same box? (And I'm not able to do without RSASIG/
> Main Mode road warriors.)
Aggressive Mode sends the ID in the first packet of phase 1, so openswan
can immediately pick the right connection, and will not need to switch
later.
> (OMG, what a waste of time! And just for playing with iPhone... [Nobody has
> an advantage. *smile* ])
There are many people who tried to get the iphone to work. Most try using
l2tp/ipsec. I haven't heard anyone getting it to work. (nor anyone who
offered me an iphone to work on it :)
Paul
More information about the Users
mailing list