[prev in list] [next in list] [prev in thread] [next in thread]
List: strongswan-users
Subject: Re: [strongSwan] sonicwall with main mode
From: Martin Willi <martin () strongswan ! org>
Date: 2015-02-27 9:10:52
Message-ID: 1425028252.3155.17.camel () martin
[Download RAW message or body]
Hi,
> rightid=001122334455667788
> *IDir '62.43.189.77' does not match to '001122334455667788*'
Your Sonicwall uses '62.43.189.77' as its identity. Your strongSwan
configuration strictly requires '0011223344556677880' as defined by
rightid. Either change your Sonicwall or your strongSwan configuration
to define the same identity for the Sonicwall.
And the usual word of warning: Using psk + xauth is not recommended, as
you can't use different PSK secrets in Main Mode for different clients.
This allows any client to impersonate the gateway with that PSK.
Regards
Martin
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic