[Openswan Users] config to talk to device with aes, sha, psk

Brendan Simon Brendan at BrendanSimon.com
Fri Jan 6 17:42:11 CET 2006


This is my first time using openswan (2.2 on Debian Sarge).
I'm trying to connect to a device that has the following paramters.
    * Identity:
        PSK = "test1234"
    * Security Policy  
        Main Mode
        no PFS
    * Authentication (Phase 1)
       PSK
       AES256
       SHA1
    * Authentication (Phase 2)
        ESP
        AES256
        SHA1
        Tunnel

How do I specify that in the ipsec.conf?

I have put a PSK in /etc/ipsec.secrets as:
192.168.0.4 192.168.0.178: PSK "test1234"

In ipsec.conf on 192.168.0.4 I have:
conn host178
    #type=tunnel
    left=192.168.0.4
    right=192.168.0.178
    auth=esp
    authby=secret
    #esp aes
    auto=start

The auth.log file says "ignoring informational payload, NO_PROPOSAL_CHOSEN".
What am I doing wrong?

Thanks,
Brendan.

      
   


More information about the Users mailing list