[Openswan Users] Unrecognized option --xauthserver

Paul Wouters paul at xelerance.com
Thu Jun 22 16:54:11 CEST 2006

On Thu, 22 Jun 2006, David Burrow wrote:

> I'm trying to set up Openswan 2.4.6 to receive connections from the

Note that 2.4.6 has not yet been released, you are referring to a
release candidate 2.4.6rc1.

> Cisco VPN Client using IPSEC and XAUTH.  I have a working L2TP/IPSEC
> setup, and tried adding the leftxauthserver=yes and
> rightxauthclient=yes to my conn block, when restarting I get the
> following error:
> Jun 22 07:15:13 rooter ipsec__plutorun: /usr/lib/ipsec/whack:
> unrecognized option `--xauthserver'

I just tested this with CVS (2_4_X branch) and 2.4.6rc1 from
ftp.openswan.org, and I can load a connection using leftxauthserver=yes
and rightxauthclient=yes just fine.

> I'm running SuSE linux 10, and I've tried using the rpm included with
> SuSE and removing that package and compiling and installing myself
> form a source package (openswan-2.4.6rc1.tar.gz) obtained from
> openswan.org, as I read that XAUTH was disabled by default.  Just a
> side-note: Unless I'm reading the Makefile.inc incorrectly, XAUTH IS
> enabled by default here, as USE_XAUTH? true is already set in that
> file, but it's definitely possible I'm reading the make file
> incorrectly), and in both cases I get the above error, what am I doing
> incorrectly?

You are right. XAUTH is enabled, despite the comment in Makefile.inc
that it is disabled by default.

I'm CC:ing Ken on this message, because I am not sure whether we want
to fix the comment or the setting.

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list