[Openswan Users] Trying to get Openswan working Ubuntu to Cisco ASA 5510
Whit Blauvelt
whit at transpect.com
Wed Mar 10 16:21:55 EST 2010
On Wed, Mar 10, 2010 at 01:57:17PM -0500, Paul Wouters wrote:
> > phase2=esp
> > phase2alg=3DES-SHA1
> > ike=3DES-SHA1
> >
> >works connecting to the Cisco, while
> >
> > esp=3DES-SHA1
> > ike=3DES-SHA1
> >
> >fails. Most odd.
>
> Could you confirm that with some good tests to ensure the cisco did
> not keep any state or something? Those configs should be fully
> equivalent.
You may well be right about the Cisco, somehow. Now the second form does
work. Yet before there was no joy until going from the first to the second.
The Cisco is totally out of my control, so can't say nothing's changed
there, or directly probe its state.
Whit
More information about the Users
mailing list