[Openswan Users] authby parameter in ipsec.conf

Paul Wouters paul at xelerance.com
Wed Nov 22 10:19:59 EST 2006

On Wed, 22 Nov 2006, kelvin wrote:

> The following attributes are used by IKE and are negotiated as part
>   of the ISAKMP Security Association.  (These attributes pertain only
>   to the ISAKMP Security Association and not to any Security
>   Associations that ISAKMP may be negotiating on behalf of other
>   services.)
>      - encryption algorithm
>      - hash algorithm
>      - authentication method
>      - information about a group over which to do Diffie-Hellman
> this segement  copy from rfc2409 which define a part of phase 1,i want to
> know if the authby parameter in ipsec.conf is associated with the
> authentication method above.

authby= determins whether to do PresharedKey (PSK) or RSA authentication for
phase 1.

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list