[Openswan Users] openswan 2.6.21 not recognize pfsgroup in ipsec.conf
Zhiping Liu
flyingzpl at gmail.com
Tue May 12 02:10:24 EDT 2009
HI everyone:
I upgrade openswan from version 2.4.10 to 2.6.21,found that config string
"pfsgroup" not recoginize in 2.6.21.
Searing google...found nothing related to my issue.
-bash-3.2$ sudo ipsec setup start
can not load config '/etc/ipsec.conf': /conf/ipsec.d/101.conf:11: syntax
error, unexpected STRING [pfsgroup]
Failed to parse config setup portion of ipsec.conf
-bash-3.2$ vi /conf/ipsec.d/101.conf
conn aa
type = tunnel
auto = start
keyexchange = ike
authby = secret
auth = esp
esp = 3DES-SHA1
ike = 3DES-MD5-MODP1024
aggrmode = yes
pfs = yes
pfsgroup = MODP1024
left = %defaultroute
leftsubnet = 192.168.111.0/255.255.255.0
right = XXXX.3322.org
rightsubnet = 192.168.60.0/255.255.255.0
leftid = @a
rightid = @b
I change 1 line in Makefile.inc:
line 362: USE_WEAKSTUFF?=true
--
from Romeo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090512/da8f80bf/attachment.html
More information about the Users
mailing list