I don't have a PFS option in the phase 1 configuration.
Here is what I did so far:
Created a local user:
Username: sunray01
IKE User -> Simple identity: Ike id type: auto
Ike identity: [email protected]
Xauth User and set a password.
Created a new VPN gateway:
Name: SunrayThinC
Dialup user and selected sunray01 as user
entered the preshared key.
phase1: pre-g2-3des-md5; pre-g2-3des-sha, pre-g2-aes128-md5, pre-g2-aes128-sha
Mode: aggressive
Nat-traversal enabled with UDP checksum
phase2: nopfs-esp-3des-md5, nopfs-esp-3des-sha, nopfs-esp-aes128-md5,
nopfs-esp-aes128-sha
( previously I had the same as in phase1 but it also didn't work)
On my sunray I configured:
Group: [email protected]
Key: preshared key
User: sunray01
password: password of sunray01
Any idea what is wrong?
Wouter
The Sun ray uses a fixed configuration offering combinations of
AES/3-DES and MD5/SHA-1 for phase 1, with PFS disabled. That is most
likely why the gateway is rejecting the Sun Ray's IKE 1 request. There
is currently no configuration option for PFS.
Kent
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
