[Openswan Users] Aggressive mode connection not recognized

IPSec Interest Group ipsec.gurus at gmail.com
Fri Feb 25 16:04:11 CET 2005


I have used openswan-2.3.1dr3 with a 2.6.9 and 2.6.10 kernel succesfully
with main mode, PSK, both with and without NATT.

I am trying to get aggressive mode to work, but I can't get past
parsing the ipsec.conf file. The following connection gets added and appears
in the 'ipsec auto --status' output. It works just fine:

conn test1
   type=tunnel
   left=1.1.1.1
   leftid=user1 at localhost.example.com
   right=2.2.2.2
   rightid=user1 at remotehost.example.com
   auto=add
   authby=secret

The mere addition of 'aggrmode=yes' causes the connection not to be
displayed in the 'ipsec auto --status' output:

conn test1
   aggrmode=yes
   type=tunnel
   left=1.1.1.1
   leftid=user1 at localhost.example.com
   right=2.2.2.2
   rightid=user1 at remotehost.example.com
   auto=add
   authby=secret

'ipsec auto --up test1' displays

   021 no connection named "test1"

Are there conditions placed on the use of aggresive mode? What am I
missing? I have seen answers to question about aggressive mode posted
here, and it seems like this should work.


More information about the Users mailing list