[Openswan Users] Considering authentication mode while selecting a connection to respond

hiren joshi joshihirenn at gmail.com
Tue Oct 7 04:17:20 EDT 2008


Thanks for your prompt reply.

I haven't checked it practically on openswan-2.6.18, but looking at
its code I think it has been solved as the function
find_host_connection2 has now one more parameter - policy besides IP
addresses and ports.

Regards,
-hiren

On Mon, Oct 6, 2008 at 10:52 PM, Paul Wouters <paul at xelerance.com> wrote:
> On Mon, 6 Oct 2008, hiren joshi wrote:
>
>> Using openswan-2.4.9 I observed that for net-to-net connections, it
>> doesn't consider authentication mode (Main/Aggressive) while selecting
>> a connection to respond.
>> Is there any way to configure openswan to respond to a request if it
>> matches the authentication mode configured.
>
> It should happen using refineconnection() and related functions. Is this
> still an issue for openswan 2.6.18? Eg there should not be an option, as
> openswan can see on the first packet if it is Aggressive or Main mode, and
> should then be able to pick wisely.
>
> Paul
>


More information about the Users mailing list