[Openswan Users] Connecting RH9 <-> Cisco
Paul Wouters
paul at xelerance.com
Fri Nov 4 20:46:07 CET 2005
On Fri, 4 Nov 2005, Oliver Schulze L. wrote:
> The parameters I have from the Cisco Admin are:
> - sha for doing hash
> - 3des for encrypting data
> - isakmp: standard parameters
> - ports: standard parameters
> - using pre shared secret for starting the conection
That's not really complete information.
- Prefect Forward Secrecy (PFS): Yes or no?
- DH group : 2 or 5 ?
- Mode: Main or Aggressive?
- XAUTH/ModeConfig? Yes or No?
But you can try adding:
ike=3des-sha1
esp=3des-sha1
pfs=no (should accept yes too)
#aggrmode=yes
Try with and without aggrmode.
Paul
More information about the Users
mailing list