Hi, I try to get work together Strongswan (v. 4.3.6) & Cisco VPN client (v. 5.0.08.290). When the Cisco client try to connect to the Strongswan, the connection is refused by Strongswan and in log are the messages:
preparse_isakmp_policy: peer requests PUBKEY+XAUTHRSASIG+XAUTHSERVER authentication initial Main Mode message received on a.b.c.d but no connection has been authorized with policy=PUBKEY+XAUTHRSASIG+XAUTHSERVER. I looked in mailing lists, and I know, that this problem with Cisco VPN client was here in past, but the final result ? Maybe the problem is, that the Cisco VPN client request the policy PUBKEY+XAUTHRSASIG+XAUTHSERVER, but Strongswan has the policy: ENCRYPT+TUNNEL+PFS+XAUTHRSASIG+XAUTHSERVER - so the requested policy did not fit the Strongswan policy. I don't know, how I can set in Strongswan the policy PUBKEY+XAUTHRSASIG+XAUTHSERVER, because when I use On Strongswan in the connection description: authby=xauthrsasig xauth=server the Strogwan policy for this connection will be ...+XAUTHRSASIG+XAUTHSERVER, without PUBKEY The policy ...+PUBKEY I receive with: "authby=RSASIG". So my question is, how I can set on Strongswan the policy PUBKEY+XAUTHRSASIG+XAUTHSERVER. I think, that this is impossible, because the authentication method "rsasig" and "xauthrsasig" are mutual exclusive. If somebody had success with connection Cisco VPN client to Strongswan, give me please information. Thank you for answer, Petr _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
