[Openswan Users] openswan and sonicwall psk

Paul Wouters paul at xelerance.com
Fri Nov 11 13:51:06 EST 2011


On Fri, 11 Nov 2011, craig millar wrote:

> I keep getting messages along the lines of:
>
> Nov 11 15:56:12 gw pluto[7922]: "sonicwall" #1: responding to Main Mode
> Nov 11 15:56:12 gw pluto[7922]: "sonicwall" #1: Can't authenticate: no
> preshared key found for `@gw' and `@sonicwall router'.  Attribute
> OAKLEY_AUTHENTICATION_METHOD

> No matter how I seem to format the secrets file, I get this message,
> in spite of the fact that the file is definitely loaded. I suspect it
> may be something to do with the fact that the right id has a space in
> it, i.e. "@sonicwall router".

Yes indeed.

> I have tried quoting the right id, before and after the @ sign, i.e.
> "@sonicwall router" and @"sonicwall router", with no quotes, tried
> leaving out the ids altogether which also fails with
> INVALID_ID_INFORMATION and various permutations inbetween.
>
> This is my current secrets file:
>
> @gw "@sonicwall router": PSK "xxxxxxxxx"

Have you tried @"sonicwall router" ?

> Unfortunately changing the rightid on the box itself is not an option
> as it's connected to various other sites and I don't wish to break
> things further.

It might be possible to change the code. Once there is a good idea on how
to deal with it. Then change the code in lib/libopenswan/secrets.c

Paul


More information about the Users mailing list