HI everyone:<div><br></div><div>I  upgrade openswan from version 2.4.10 to 2.6.21,found that config string &quot;pfsgroup&quot; not recoginize in 2.6.21.</div><div>Searing google...found nothing related to my issue.</div><div>
<br></div><div><div>-bash-3.2$ sudo ipsec setup start</div><div>can not load config &#39;/etc/ipsec.conf&#39;: /conf/ipsec.d/101.conf:11: syntax error, unexpected STRING [pfsgroup]</div><div>Failed to parse config setup portion of ipsec.conf</div>
<div>-bash-3.2$ vi /conf/ipsec.d/101.conf </div><div><br></div><div>conn aa</div><div>        type = tunnel</div><div>        auto = start</div><div>        keyexchange = ike</div><div>        authby = secret</div><div>        auth = esp</div>
<div>        esp = 3DES-SHA1</div><div>        ike = 3DES-MD5-MODP1024</div><div>        aggrmode = yes</div><div>        pfs = yes</div><div>        pfsgroup = MODP1024</div><div>        left = %defaultroute</div><div>        leftsubnet = <a href="http://192.168.111.0/255.255.255.0">192.168.111.0/255.255.255.0</a></div>
<div>        right = <a href="http://XXXX.3322.org">XXXX.3322.org</a></div><div>        rightsubnet = <a href="http://192.168.60.0/255.255.255.0">192.168.60.0/255.255.255.0</a></div><div>        leftid = @a</div><div>        rightid = @b</div>
<div><br></div><div><br></div>I change 1 line in Makefile.inc:</div><div><br></div><div>line 362: USE_WEAKSTUFF?=true</div><div><br>-- <br>from Romeo<br>
</div>