[Openswan Users] openswan and Cisco PIX

[Michael Richardson]

-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Serge" == Serge Paquin <serge at skycomp.ca> writes:
    Serge> esp=3des-md5-96
    Serge> keyexchange=ike
 
  This should be redundant, but harmless.

    Serge> ISAKMP (0): Checking ISAKMP transform 0 against priority 5 policy
    Serge> ISAKMP:      life type in seconds
    Serge> ISAKMP:      life duration (basic) of 3600
    Serge> ISAKMP:      encryption 3DES-CBC
    Serge> ISAKMP:      hash MD5
    Serge> ISAKMP:      auth RSA sig
    Serge> ISAKMP:      default group 5
    Serge> ISAKMP (0): atts are not acceptable. Next payload is 3

  This one should have been accepted. 
  Are you sure that you have pfs off on the cisco?
  Is there a reason you want pfs off?

- --
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQGCxO4qHRg3pndX9AQHaowQA29pshVUDYElsBlY2/84p0wU8whfXXAhW
8SA9RDBmjfP1UNLW9yJe1FipcY0jjDIev/TrYRG+c0fYe5yF6UGr+z47LNSYO1pq
yanCi/eP/oiXzYierZyoTiidkgOhodqIPPrhqrRA6okjOMYwvinYs8RDD7XnpDQm
3qvwad3lJTs=
=eF/9
-----END PGP SIGNATURE-----