[Openswan Users] how can I configure Authentication-Method (3) from XAUTHInitPreShared (65001) to PSK (1)?
翱 李
nuaaliao at yahoo.com.cn
Mon Oct 13 11:48:49 EDT 2008
[kernel and openswan]
linux-liao:/home/nuaaliao # ipsec --version
Linux Openswan U2.6.18/K2.6.16.60-0.29-smp (netkey)
See `ipsec --copyright' for copyright information.
linux-liao:/home/nuaaliao # uname -a
Linux linux-liao 2.6.16.60-0.29-smp #1 SMP Thu Aug 28
09:26:55 UTC 2008 i686 i686 i386 GNU/Linux
[configuration]
The configuration I'm using in /etc/ipsec.conf is :
conn vpn
leftxauthclient=yes
rightxauthserver=yes
left=%defaultroute
leftid=@groupname
right=1.2.11.154
rightsubnet=0.0.0.0/0.0.0.0
keyexchange=ike
ike=3des-md5-modp1536
auth=esp
authby=secret
esp=3des
pfs=yes
when i use the command :
"ipsec auto --add vpn";
"ipsec auto --up vpn"
the ipsec server even didn't respond the openswan
client, I use the ethereal tool to grasp the packets,
I found the packet sent by openswan seems like:
Transform ID: KEY_IKE (1)
Encryption-Algorithm (1): 3DES-CBC (5)
Hash-Algorithm (2): MD5 (1)
Authentication-Method (3):XAUTHInitPreShared (65001)
Group-Description (4): Alternate 1536-bit MODP group
(2)
while the ipsec server requires the packet with
Authentication-Method :PSK(1)
so how can I configure Authentication-Method (3) from
XAUTHInitPreShared (65001) to PSK (1)?
___________________________________________________________
雅虎邮箱,您的终生邮箱!
http://cn.mail.yahoo.com/
More information about the Users
mailing list