2016-04-30 13:30 GMT-03:00 Paul Wouters <[email protected]>: > vhost:%no,%priv
I've followed your suggestion, and now I get: 000 "windows": oriented; my_ip=unset; their_ip=unset; mycert=hope.belkin.home 000 "windows": xauth us:none, xauth them:none, my_username=[any]; their_username=[any] 000 "windows": modecfg info: us:none, them:none, modecfg policy:push, dns1:unset, dns2:unset, domain:unset, banner:unset; 000 "windows": labeled_ipsec:no; 000 "windows": policy_label:unset; 000 "windows": CAs: 'DC=ar, DC=com, DC=vfc, CN=vfc-MS00009-CA'...'%any' 000 "windows": ike_life: 3600s; ipsec_life: 28800s; replay_window: 32; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; 000 "windows": retransmit-interval: 500ms; retransmit-timeout: 60s; 000 "windows": sha2_truncbug:no; initial_contact:no; cisco_unity:no; fake_strongswan:no; send_vendorid:no; 000 "windows": policy: RSASIG+ENCRYPT+DONT_REKEY+UP+IKEV1_ALLOW+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO; 000 "windows": conn_prio: 32,32; interface: wlp7s0; metric: 0; mtu: unset; sa_prio:auto; nflog-group: unset; mark: unset; 000 "windows": newest ISAKMP SA: #1; newest IPsec SA: #2; 000 "windows": IKE algorithm newest: 3DES_CBC_192-SHA1-MODP1024 000 "windows": ESP algorithm newest: AES_128-HMAC_SHA1; pfsgroup=<N/A> 000 000 Total IPsec connections: loaded 3, active 1 000 000 State Information: DDoS cookies not required, Accepting new IKE connections 000 IKE SAs: total(1), half-open(0), open(0), authenticated(1), anonymous(0) 000 IPsec SAs: total(1), authenticated Thanks in advanec! -- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
