[Openswan Users] config to talk to device with aes, sha, psk
Brendan Simon
Brendan at BrendanSimon.com
Fri Jan 6 23:29:58 CET 2006
This is my first time using openswan (2.2 on Debian Sarge).
I'm trying to connect to a device that has the following paramters.
* Identity:
PSK = "test1234"
* Security Policy
Main Mode
no PFS
* Authentication (Phase 1)
PSK
AES256
SHA1
* Authentication (Phase 2)
ESP
AES256
SHA1
Tunnel
How do I specify that in the ipsec.conf?
I have put a PSK in /etc/ipsec.secrets as:
192.168.0.4 192.168.0.178: PSK "test1234"
In ipsec.conf on 192.168.0.4 I have:
conn host178
#type=tunnel
left=192.168.0.4
right=192.168.0.178
auth=esp
authby=secret
#esp aes
auto=start
The auth.log file says "ignoring informational payload, NO_PROPOSAL_CHOSEN".
What am I doing wrong?
Thanks,
Brendan.
More information about the Users
mailing list