[Openswan Users] Trying to get Openswan working Ubuntu to Cisco ASA 5510
Whit Blauvelt
whit at transpect.com
Tue Mar 9 14:18:51 EST 2010
On Tue, Mar 09, 2010 at 01:56:02PM -0500, Paul Wouters wrote:
> The specs also did not mention whether to use Main Mode or Aggressive Mode.
> If this fails, try adding aggrmode=yes
Thanks Paul. If that's the fix, it has implications I need to handle, since
simply adding it to the conn section produces first:
# ipsec auto --up cisco
024 need --listen before --initiate
and then on second invocation:
# ipsec auto --up cisco
003 "cisco" #1: multiple transforms were set in aggressive mode. Only first one used.
003 "cisco" #1: transform (5,2,2,0) ignored.
003 "cisco" #1: multiple transforms were set in aggressive mode. Only first one used.
003 "cisco" #1: transform (5,2,2,0) ignored.
112 "cisco" #1: STATE_AGGR_I1: initiate
003 "cisco" #1: Informational Exchange message must be encrypted
010 "cisco" #1: STATE_AGGR_I1: retransmission; will wait 20s for response
003 "cisco" #1: Informational Exchange message must be encrypted
Best,
Whit
More information about the Users
mailing list