[Openswan Users] openswan and sonicwall psk

craig millar craigmillar at gmail.com
Fri Nov 11 16:55:10 EST 2011


On 11 November 2011 18:51, Paul Wouters <paul at xelerance.com> wrote:
>> No matter how I seem to format the secrets file, I get this message,
>> in spite of the fact that the file is definitely loaded. I suspect it
>> may be something to do with the fact that the right id has a space in
>> it, i.e. "@sonicwall router".
>
> Yes indeed.

So I am not going insane then?

>> I have tried quoting the right id, before and after the @ sign, i.e.
>> "@sonicwall router" and @"sonicwall router", with no quotes, tried
>> leaving out the ids altogether which also fails with
>> INVALID_ID_INFORMATION and various permutations inbetween.
>>
>> This is my current secrets file:
>>
>> @gw "@sonicwall router": PSK "xxxxxxxxx"
>
> Have you tried @"sonicwall router" ?

Yes, but I perhaps worded it badly above.

>> Unfortunately changing the rightid on the box itself is not an option
>> as it's connected to various other sites and I don't wish to break
>> things further.
>
> It might be possible to change the code. Once there is a good idea on how
> to deal with it. Then change the code in lib/libopenswan/secrets.c

Since I am working from a deb package I'd prefer not to go this route
for maintenance purposes but definitely a worst case scenario
consideration. Appreciate your response, I am currently upgrading the
box and openswan to v2.6x which may help.

Craig


More information about the Users mailing list