[Openswan Users] INVALID_HASH_INFORMATION when remote peer is set to %any

Robyn Orosz rorosz at gmail.com
Wed Apr 29 10:30:56 EDT 2009


I don't know the specific answer to your question but I know that 2 Openswan
devices will connect w/o issues with aggressive mode off.   I actually have
a ton of devices running this way in my network (they're using RSAs
though).  I did test however, with PSK and %any w/o aggressive mode and it
worked.

-Robyn

On Wed, Apr 29, 2009 at 7:06 AM, Benny Amorsen
<benny+usenet at amorsen.dk<benny%2Busenet at amorsen.dk>
> wrote:

> Paul Wouters <paul at xelerance.com> writes:
>
> > You can send ID's in main mode, but it is not quick enough to determine
> who is who when
> > using PSK (instead of RSA or X.509). So for PSK, yes you need aggressive
> mode.
>
> Is this fixed with IKEv2?
>
>
> /Benny
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090429/83801a9b/attachment.html 


More information about the Users mailing list