[Openswan Users] Aggressive mode, NAT-T, destination behind NAT
paul at xelerance.com
Wed Apr 12 18:11:17 CEST 2006
On Wed, 12 Apr 2006, Brian Candler wrote:
> That part is OK - in Openswan 2.4.5 that message is just a warning. Also, it
> works fine when I'm using Openswan 2.4.5 to Cisco IOS with main mode. I get
> the same warning and it proceeds.
> I can try replicating this in an openswan-to-openswan setup if you have an
> interest (that is, I've read on this list that aggressive mode is not well
> supported in openswan, so it depends whether you want to work on this or
aggressive mode is supported, though strongly discouraged for security
If you can give us a openswan-openswan configuration that shows this problem,
we can make a test case, and then the bug should get fixed. Assuming it is
a bug with openswan, and not with the pix.
Building and integrating Virtual Private Networks with Openswan:
More information about the Users