# ipsec.conf config setup charondebug="dmn 1"
conn %default ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 keyexchange=ikev1 aggressive=no type=tunnel dpdaction=clear dpddelay=60s conn home left=%defaultroute xauth_identity=user leftid=@CiscoPSKCxnProfile xauth = client leftsourceip = %config leftauth=psk leftauth2=xauth leftfirewall=no right=111.222.333.444 rightsubnet=192.168.0.0/16 rightauth=psk ike=aes-sha-modp1024 esp=aes-sha1-modp1024 auto=start # the ipsec.secrets has the corresponding PSK and password for user Do let me know if you see an issues? -Neeraj Subject: Re: [strongSwan] Cannot do IKEv1/PSK Main Mode in Cisco ASA 5510 From: e...@cendatsys.com Date: Thu, 27 Sep 2012 08:53:40 -0500 To: kaj...@live.in; users@lists.strongswan.org I just went through this same problem -- still struggling with routing but seem to habe the connection. What's the Cisco config and you ipsec.conf? Neeraj Sharma <kaj...@live.in> wrote: I tried doing this a couple of times and did succeed with configuring a StrongSwan client connecting to a Cisco ASA 5510 in IKEv1/PSK Main Mode. What works at present is the IKEv1/PSK Aggressive mode. I am no Cisco expert, so its possible (pointed by endre that it works as well over freenode #strongswan) that I am missing a Cisco ASA config. Any pointers (doc, etc) will be of great help. Thanks, Neeraj Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -- Sent from my Android phone with K-9 Mail. Please excuse my brevity.
_______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users