[Openswan Users] Ipsec newbie - trying to connect to sonicwall
Paul Wouters
paul at xelerance.com
Tue May 17 19:28:33 CEST 2005
On Tue, 17 May 2005, Yannick Warnier wrote:
> I am trying to setup an OpenSwan config to connect to a SonicWall server
> but I am having a lot of problems. I'll try to state things as clearly
> as I can, in addition to putting the "barf" output below.
>
> Basically, the SonicWall is configured so that I can connect to it
> through the Windows SonicWall client.
> esp=des-hmac_md5
> ike=des-sha1
> The SonicWall configuration uses
> Phase 1: Group 2 - des - sha1
> Phase 2: Group 2 = des - hmac_md5
> May 17 17:30:23 localhost pluto[14311]: packet from 192.152.172.132:500:
> ignoring informational payload, type NO_PROPOSAL_CHOSEN
You need to recompile openswan for 1des support. 1des support is completely
insecure and should not be used. For those ignorning this, they can enable 1des
in Makefile.inc by setting USE_WEAKSTUFF to true.
Paul
More information about the Users
mailing list