[Openswan Users] using modecfg ISAKMP_CFG_SET parameters

Ken Bantoft ken at xelerance.com
Sun Aug 1 14:35:22 CEST 2004

Those are XAUTH parameters (MODE_CONFIG).  They currently aren't supported 
in Openswan, although there are some hooks to get them via PAM in 
Openswan 1.x (see README.XAUTH)

As an XAUTH client, there is no code for MODE_CONFIG hooks.  It wouldn't 
be too hard to use, as leftsourceip= could be changed to get the values 
passed back to it, but that feature doesn't exist at the moment.

On Tue, 27 Jul 2004, David Mattes wrote:

> Using OpenSWAN-2.1.2rc5 on linux-2.4.24
> I am receiving some modecfg ISAKMP_CFG_SET parameters: IP4_ADDR, 
> IP4_NETMASK, and IP4_DNS.  How do I "inject" these parameters into the 
> connection?  In ipsec.conf this is equivalent to 
> leftsourceip=IP4_ADDR/IP4_NETMASK.  The end result should be that my 
> routing table shows an ipsec route entry with a src address given by the 
> Thanks,
> David

Ken Bantoft			VP Business Development
ken at xelerance.com		Xelerance Corporation
sip://toronto.xelerance.com	http://www.xelerance.com

More information about the Users mailing list