Paul Wouters <paul at xelerance.com> writes: > You can send ID's in main mode, but it is not quick enough to determine who is who when > using PSK (instead of RSA or X.509). So for PSK, yes you need aggressive mode. Is this fixed with IKEv2? /Benny