[Openswan Users] IPSec Aggressive Mode

Paul Wouters paul at xelerance.com
Mon Dec 12 21:16:33 CET 2005

On Mon, 12 Dec 2005, Snitgen, John wrote:

> My questions:
> When configured to use aggressive mode, is the 'left' parameter in ipsec.conf used as the Radius username?  Is the PSK secret in (ipsec.secrets) used as the password for Radius authentication?   Does 'rightid' need to be the IP address of the Radius server for my scenario?

No. PSK does not utilize or has anything to do with Radius.,

> Is XAUTH required?  From what info I have gathered, it appears that XAUTH is only required if the Radius Server requires a different password than the ipsec secret passphrase.

Yes, you will need modeconfig/xauth.

> I am running OpenSwan 1.0.7

openswan-1 is end of life in 19 days.......


More information about the Users mailing list