[Openswan Users] manual keying problem

Paul Wouters paul at xelerance.com
Wed Apr 28 01:07:00 EDT 2010

On Tue, 27 Apr 2010, Daren Hickman wrote:

> I am trying to connect to a device that doesn't support ike

Use "ip xfrm" instead of openswan.

> my ipsec.conf is as follows, when I start the tunnel it initiates main mode.  what is causing the keying attempt?  As always any help is greatly appreciated.  Thanks.

Only an auto= or ipsec auto command will do that.

> conn manualkey
>        esp=aes128-sha1-96
>        left=
>        leftespenckey=0x11111111111111111111111111111111
>        leftespauthkey=0x1111111111111111111111111111111111111111
>        leftsubnet=
>        right=
>        rightespenckey=0x00000000000000000000000000000000
>        rightespauthkey=0x0000000000000000000000000000000000000000
>        spi=0x100
>        type=tunnel

This is not supported anymore with openswan 2.6.x


More information about the Users mailing list