[Openswan Users] Re: NAT Traversal support with openswan (which
draft version initiator/responder?)
Michael Richardson
mcr at sandelman.ottawa.on.ca
Thu Jun 17 15:58:53 CEST 2004
>>>>> "Xiaoming" == Xiaoming Yu <xiaoming at us.ibm.com> writes:
Xiaoming> I tried %any in the config file and it found a connection
Xiaoming> and went a step further. But it failed to find the
Xiaoming> preshared key in the ipsec.secrets because I am stilling
Xiaoming> using the private IP there. Previous argument will apply
Don't use PSK with NAT-T.
Use pre-exchanged RSA-keys, or X.509 only.
--
] "Elmo went to the wrong fundraiser" - The Simpson | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
More information about the Users
mailing list