[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: obsd<->linux IKE interop. question
On Mon, 15 Jan 2001, Michael Jinks wrote:
> Jan 15 11:04:56 localhost Pluto: "sysvi-saecos" #2: Can't
> authenticate: no preshared key. Attribute OAKLEY_AUTHENTICATION_METHOD
> ...the most likely cause is a failure to index the key string in
> /etc/ipsec.secrets, but I'm indexing by IP address and I know that the
> IP addresses are correct for the participating peers...
Are you giving explicit IDs for the two ends in your FreeS/WAN connection
description? If so, note that ipsec.secrets lookup is nominally by ID,
not by IP address (unless there is no ID).
(One complication: for preshared-key authentication, the far end has no
opportunity to supply an ID, so it will be known by its IP address... but
I don't believe that applies to the near end.)