Hi,
I am trying to create an IPsec tunnel between an OpenBSD 5.8 machine and
VMware's vCloud Air cloud platform.

The options that I can set from the VMware side (they provide a GUI) are
specific and they are the following:

- Local networks
- Remote networks
- Peer
- Pre-shared key
- Encryption (3DES)

On the OpenBSD side I use ipsec.conf and the contents are the following:

ike esp from 192.168.66.0/24 to 192.168.55.0/24 peer ABC.DEF.GHI.JKL main auth hmac-sha1 enc 3des group modp1024 quick auth hmac-sha2-256 enc blowfish psk MY-PSK-PHRASE

When I start isakmpd and ipsecctl -f /etc/ipsec.conf I always get the
following message and the SAs are never created.

133935.717470 Default attribute_unacceptable: AUTHENTICATION_METHOD: got PRE_SHARED, expected RSA_SIG
133935.717808 Default message_negotiate_sa: no compatible proposal found
133935.717916 Default dropped message from ABC.DEF.GHI.JKL port 500 due to notification type NO_PROPOSAL_CHOSEN
133944.988656 Default transport_send_messages: giving up on exchange peer-ABC.DEF.GHI.JKL , no response from peer ABC.DEF.GHI.JKL :500
133945.755693 Default attribute_unacceptable: AUTHENTICATION_METHOD: got PRE_SHARED, expected RSA_SIG
133945.755884 Default message_negotiate_sa: no compatible proposal found
133945.755930 Default dropped message from ABC.DEF.GHI.JKL port 500 due to notification type NO_PROPOSAL_CHOSEN

It seems that although I specify that I want a psk to be used, it expects a
pub key.

Thank you,
George

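As an added example (not part of the original post and not isakmpd's own code): a small Python script that tallies negotiation failures from isakmpd records like those quoted above, including records hard-wrapped by a mail client. The sample log is constructed, 192.0.2.10 is a placeholder peer address, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: records shaped like the isakmpd output quoted in the post,
# hard-wrapped the way a mail client wraps them. 192.0.2.10 is a placeholder peer.
SAMPLE_LOG = """\
133935.717470 Default attribute_unacceptable: AUTHENTICATION_METHOD: got
PRE_SHARED, expected RSA_SIG
133935.717808 Default message_negotiate_sa: no compatible proposal found
133935.717916 Default dropped message from 192.0.2.10 port 500 due to
notification type NO_PROPOSAL_CHOSEN
133945.755693 Default attribute_unacceptable: AUTHENTICATION_METHOD: got
PRE_SHARED, expected RSA_SIG
133945.755930 Default dropped message from 192.0.2.10 port 500 due to
notification type NO_PROPOSAL_CHOSEN
"""

# A record starts with six digits, a dot and six digits; anything else is a
# continuation of the previous record.
RECORD_START = re.compile(r"^\d{6}\.\d{6} ")
MISMATCH = re.compile(r"attribute_unacceptable: (\w+): got (\w+), expected (\w+)")
DROPPED = re.compile(r"dropped message from (\S+) port (\d+) due to notification type (\w+)")

def join_records(text):
    """Re-join wrapped lines so each list element is one complete log record."""
    records = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def summarize(text):
    """Count (attribute, got, expected) rejections and (peer, notification) drops."""
    mismatches, drops = Counter(), Counter()
    for rec in join_records(text):
        m = MISMATCH.search(rec)
        if m:
            mismatches[m.groups()] += 1
        d = DROPPED.search(rec)
        if d:
            drops[(d.group(1), d.group(3))] += 1
    return mismatches, drops

if __name__ == "__main__":
    for table in summarize(SAMPLE_LOG):
        print(dict(table))
```

Repeated identical (attribute, got, expected) tuples across retries, as in this log, mean the same phase 1 attribute is being rejected on every attempt.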