Hi Andreas, Sorry... I'm really new to VPN configuration... I changed the watchguard edge configuration. but I'm getting this message: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
These are the new watchguard configs Phase 1 Settings: Mode: Main Mode Authentication Algorithm: SHA1-HMAC Encryption Algorithm: AES (256) Diffie-Helman Group: 2 Phase 2 Settings: Authentication Algorithm: SHA1-HMAC Encryption Algorithm: AES (256) Enable PFS This is the conn at ipsec.conf: conn vpntest keyexchange=ikev1 ike=aes256-sha-modp1536 pfs=yes pfsgroup=modp1536 esp=aes256-sha1-modp1536 compress=no authby=secret left=200.111.111.111 leftsubnet=10.10.10.0/24 leftfirewall=yes lefthostaccess=yes right=200.222.222.222 rightsubnet=192.168.10.0/24 auto=start What could be wrong in the configs above? Thanks in advance for your help! :) 2009/3/17 Andreas Steffen <andreas.stef...@strongswan.org> > strongSwan does *not* support IKEv1 Aggressive Mode - otherwise we would > have named the project weakSwan! > > Best regards > > Andreas > > Tica wrote: > > Hello all, > > I'm really new to Strongwan!! > > > > Is it possible to connect Watchguard Edge to Strongswan? > > > > I'm asking this because I'm having huge headaches here trying to > establish a > > VPN between these two systems. > > > > The biggest problem is that I can't change the watchguard edge's > > configuration... and I already tried (without success) a lot of > > configurations in ipsec.conf. > > > > These are the watchguard configurations: > > > > Phase 1 Settings > > ---------------- > > Mode: Agressive Mode > > Authentication Algorithm: SHA1-HMAC > > Encryption Algorithm: DES-CBC > > Diffie-Helman Group: 1 > > > > Phase 2 Settings > > ---------------- > > Authentication Algorithm: SHA1-HMAC > > Encryption Algorithm: DES-CBC > > Enable PFS > > > > Please... what should be the correct configuration to ipsec.conf ?? > > > > keyexchange=ikev1 > > esp= ? > > pfs=yes > > pfsgroup= ? > > compress=no > > authby=secret > > ike= ? > > > > Any help will be really apreciated!! > > > > Thanks in advance to you all! > > > > > -- > ====================================================================== > Andreas Steffen andreas.stef...@strongswan.org > strongSwan - the Linux VPN Solution! www.strongswan.org > Institute for Internet Technologies and Applications > University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===========================================================[ITA-HSR]== > -- Tica ;-) _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users