[Openswan Users] Re: Adding a new connection.
Paul Wouters
paul at xelerance.com
Fri Mar 24 17:45:30 CET 2006
On Tue, 21 Mar 2006, Paul Wouters wrote:
> > After some more reading in the book I have come to the conclusion this is
> > due to the fact that I have right=%any in more the one connection. I am not
> > sure how to get by this because simply enough when I take it out of either
> > or connection that connection fails to load.
>
> The problem is that for multiple right=%ay connections, it should be obvious
> in the phase 1 of the connection for which "conn" it is. Usualy you can force
> this by setting a leftid=/rightid=.
Following up on myself, but:
Can you try adding the following to the X509 conns:
leftrsasigkey=%cert
rightrsasigkey=%cert
And see if that helps to distinguish it from the PSK connection?
Paul
More information about the Users
mailing list