[Openswan Users] openswan+netkey <-> racoon on linux

Peter Rosenthal voiperster at gmail.com
Thu Jul 17 19:53:12 EDT 2008

With Red Hat's ipsec init scripts it's the default!

2008/7/17 Paul Wouters <paul at xelerance.com>:

> On Thu, 17 Jul 2008, Peter Rosenthal wrote:
>  After looking at the racoon code, racoon is rejecting the proposal
>> because it does not have the same number of proto entries. OpenSwan's
>> proposal contains just ESP while racoon's proposal has ESP and AH.
>> What is correct spec behaviour here? Do I need to configure openswan to
>> use AH?
> ESP + AH is just wrong. Racoon shouldnt even allow it.
> Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080718/a84db600/attachment-0001.html 

More information about the Users mailing list