[Openswan Users] XAUTH problem

Bill Carlson billcarlson at wkks.org
Tue Sep 23 15:59:04 EDT 2008

On Mon, 22 Sep 2008, Dave Vree wrote:

> I had EXACTLY this same problem, except with a Sonicwall 4100. I posted 
> the question and got the answer a couple weeks back.
> I got past it by adding "aggrmode=yes" to my connection definition.

Just to be clear, you get prompted for XAUTH username/password, right?

> Here's a few other things I did:
> a) Named the leftid "GroupVPN" -- if I name the leftID anything else, 
> sonicwall won't connect...and yes I changed it in the secrets files too.
> b) Took out leftsubnet in config file...not needed....leftIP/32 is default
> c) Took out interfaces= in config file...not needed with netkey which is 
> default in Ubuntu with its 2.6 kernel

Maybe this is my problem, if I don't have 'interfaces="ipsec0=eth0"', then 
all network connections are stopped as soon as I start openswan. I do have 
multiple interfaces.

> g) CRITICAL: Go into the Sonicwall configuration utility and set the 
> following: VPN -> Settings -> GroupVPN configure -> Client tab->"Virtual 
> Adapter Settings" from "DHCP lease" to "DHCP lease or Manual Configuration"

Yes, I already verified that was set.

> aggrmode=yes # Aggressive Mode Phase 1 negotiations (requires use of IKE)

Noted, thanks. I thought Aggressive was not recommended, but better than 

Bill Carlson

Anything is possible, given Time and Money.

More information about the Users mailing list