given is an ipsec gateway (i think it's running some older openswan or
some other swan) to which i need to connect, establishing a net-net
tunnel. the parameters needed are "IKE rekeying 1440 minutes (24
hours), IPSEC 3600 seconds (1 hour), both with 3DES/SHA1, no PFS", and
these are carved in stone, i was told.

The 3DES-SHA1 is included with isakmpd's default main-mode and quick-mode definitions, try those instead of redefining them.

i can't seem to get isakmpd to establish a tunnel with that site. it
seems as if phase 1 would have been negotiated fine, but when isakmpd
then sends an `initial contact', then gets back an ipv4_addr, then
things literally stop happening here.

What version of OpenBSD? 3.8?

Can you show us: sudo ipsecctl -s all
after isakmpd has been started and stops making progress?

Thanks,

        -Matt-
