On Mon, Aug 13, 2007 at 01:30:11AM +0300, Sergey Prysiazhnyi wrote:
> ike dynamic from any to any \
> main auth hmac-sha1 enc aes group modp1024 \
> quick auth hmac-sha1 enc aes psk secret
>
> ; ike passive, ike passive esp, ike esp, etc - no results.
On the openbsd gateway you need something like this
ike passive from any to 10.1.1.0/24 \
main auth hmac-sha1 enc 3des group modp1024 \
quick auth hmac-sha1 enc 3des psk secret
The default transform of the greenbowclient for phase 1 is
3des/sha1/modp1024, for phase 1 3des/sha1.
