Hello Andreas,
I tried that but still no go: | af+type: OAKLEY_AUTHENTICATION_METHOD | length/value: 1 | [1 is pre-shared key] "x-ethernet0" #1: Can't authenticate: no preshared key found for '10.1.1.1' and '10.1.1.2'. Attribute OAKLEY_AUTHENTICATION_METHOD "x-ethernet0" #1: no acceptable Oakley Transform "x-ethernet0" #1: sending notification NO_PROPOSAL_CHOSEN to 10.1.1.2:500 If I do 10.1.1.1 10.1.1.2 : PSK "test123" then it works like a charm. However, I took some time to look at the code and found this function: const secret_t* match_secret(identification_t *my_id, identification_t *his_id, secret_kind_t kind) A part of this function is the following: enumerator = s->ids->create_enumerator(s->ids); while (enumerator->enumerate(enumerator, &id)) { if (my_id->equals(my_id, id)) { match |= match_me; } if (his_id->equals(his_id, id)) { match |= match_him; } } enumerator->destroy(enumerator); Read some comments on the code and then i changed my_id->equals(...,...) to my_id->matches(....,....) and now it recognizes the %any keyword properly. But I'm not sure if I didn't break anything. What do you think about it? By the way, strongswan v4.6.2 Thanks for your time Germano Veit Michel germanovmic...@aim.com Germano Veit Michel germanovmic...@aim.com
_______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users