On Tue, Apr 29, 2008 at 08:56:57PM -0400, Christopher Sean Hilton wrote: > Hi, > > I'm trying to connect a Netgear FVS114 to my OpenBSD 4.2 machine. I seem to > be stuck getting the following three error lines when I use isakmpd -K -d > > 205022.882116 Default attribute_unacceptable: AUTHENTICATION_METHOD: got > PRE_SHARED, expected RSA_SIG > 205022.882456 Default message_negotiate_sa: no compatible proposal found > 205022.882710 Default dropped message from 76.252.200.204 port 500 due to > notification type NO_PROPOSAL_CHOSEN > > I'm assuming that the problem is that OpenBSD is insisting on using RSA_SIG > for authentication and my Netgear box want to use PRE_SHARED keys. While I > want to have RSA authentication in the long run it's quite a lot of steps > and I'd like to have an intermediate configuration with pre shared keys. > > How do I configure that in isakmpd?
If you are using ipsec.conf(5), see "psk". If you are using isakmpd.conf, and for some reason can't/don't want to switch to the much nicer ipsec.conf(5), see isakmpd.conf(5), "Authentication" under "ISAKMP-peer". If neither of the above is helpful, feel free to send your configuration... Joachim -- TFMotD: sha1 (1) - calculate a message-digest fingerprint (checksum) for a file