> The current version of Strongswan (5.1.2) does not work with newer versions > of pfSense (Strongswan 5.3.2 based). > When using IPsec IKEv2/PSK the identity type is now prefixed leftid and > rightid for better matching.
Hm, could you elaborate on that? For instance, provide example configs? At a first glance I'd say what pfSense does is wrong, as it seems to send incorrectly encoded identity payloads. As described in the man/wiki page, you can't just prefix a string with a prefix and expect that to work correctly. These prefixes are really mostly useful in special situations (e.g. to encode a FQDN as keyid). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1451091 Title: new upstream version 5.2.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1451091/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
