[Openswan Users] Cisco Concentrator 3005 to Openswan
Paul Wouters
paul at xelerance.com
Mon Jun 11 12:51:20 EDT 2007
On Mon, 11 Jun 2007, ACasella wrote:
> > That probably means XAUTH.
> >
> I've now setup my conf file as:
>
> conn host-to-host
> type=tunnel
> authby=secret
> left=72.55.yyy.yyy
> leftnexthop=%defaultroute
> right=137.186.xxx.xxx
> rightxauthserver=yes
You are missing leftxauthclient=yes
> rightnexthop=%defaultroute
> ike=3des-md5-modp1024
> esp=3des-md5
> keyexchange=ike
> pfs=no
> xauth=yes
> auto=add
>
> Next I run ( I googled this so it may be the wrong thing to run):
> ipsec whack --name=host-to-host --xauthname=Some_username
> --xauthpass=somepassword --initiate
>
> The behaviour is the same a before.
You seem to not be using certificates, so you need to know the PSK
to fill into ipsec.secrets. It's not the same as the username/password.
Paul
More information about the Users
mailing list