[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: obsd<->linux IKE interop. question

To: Michael Jinks <mjinks@saecos.com>
Subject: Re: obsd<->linux IKE interop. question
From: Henry Spencer <henry@spsystems.net>
Date: Mon, 15 Jan 2001 16:29:45 -0500 (EST)
Cc: misc@openbsd.org, linux-ipsec@freeswan.org

On Mon, 15 Jan 2001, Michael Jinks wrote:
> Jan 15 11:04:56 localhost Pluto[5381]: "sysvi-saecos" #2: Can't
> authenticate: no preshared key.  Attribute OAKLEY_AUTHENTICATION_METHOD
>
> ...the most likely cause is a failure to index the key string in
> /etc/ipsec.secrets, but I'm indexing by IP address and I know that the
> IP addresses are correct for the participating peers...

Are you giving explicit IDs for the two ends in your FreeS/WAN connection
description?  If so, note that ipsec.secrets lookup is nominally by ID,
not by IP address (unless there is no ID). 

(One complication:  for preshared-key authentication, the far end has no
opportunity to supply an ID, so it will be known by its IP address... but
I don't believe that applies to the near end.)

                                                          Henry Spencer
                                                       henry@spsystems.net

Follow-Ups:
- Re: obsd<->linux IKE interop. question
  - From: Michael Jinks <mjinks@saecos.com>

References:
- obsd<->linux IKE interop. question
  - From: Michael Jinks <mjinks@saecos.com>

Prev by Date: Re: dante ?n
Next by Date: Re: Multiplex 2 DSL lines
Prev by thread: obsd<->linux IKE interop. question
Next by thread: Re: obsd<->linux IKE interop. question
Index(es):
- Date
- Thread