On Fri, 28 Mar 2014, Marc-Christian Petersen wrote:
yep, I know about the bug but it doesn't happen here.
for whatever reason iOS is using hybrid mode when using
cisco ipsec mode with group name and PSK.
Maybe the problem is Libreswan not offering XAUTH when in
aggressive mode and iOS is falling back to hybrid?
Does it not send the XAUTH vendor id in Aggressive Mode?
btw. There is unmaintained code in contrib/checkpoint-hybrid/ to support
Hybrid Mode. If someone wants to merge in that code, and provide some
interop testing (eg with Shrew Soft) we could pull that code into the
main code base.
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
