[Openswan Users] openSWAN to Cisco IOS

Paul Wouters paul at xelerance.com
Tue Nov 14 12:13:52 EST 2006

On Tue, 14 Nov 2006, Christian Brechbühler wrote:

> Similar problem here: trying to connect to a Cisco (no idea what model), we
> get to this:
> Nov 14 11:09:03 [pluto] "NYC" #6: initiating Quick Mode
> Nov 14 11:09:03 [pluto] "NYC" #5: ignoring informational payload, type
> The owner of the Cisco thing tell us that cisco doesn't like quick mode, and
> that we have to disable quick mode in openswan.
> Does this sound right?  And if yes, how would I do it?

No, that sounds like someone does not know what they are talking about.
Ask the cisco person for the following:

Mode (main or aggressive)
PFS (yes or no)
Phase 1 (3des/aes md5/sh1)
Phase 2 (3des/aes md5/sh1)
modp (aka DiffieHellman) group
src/dst (aka left/right) type and value of ID's (IP, string, X.509 DN)
subnets for srd/st (aka left/right)

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list