Bump. Thanks - John On Sat, 2013-07-27 at 23:49 -0400, John A. Sullivan III wrote: > Hello, all. I'm finding some difficulty transitioning from OpenSWAN to > StrongSWAN. Most of my connections are internal and so use certs but I > occasionally must establish an outside connection via PSK. With OSWAN, > I typically create a default connection which specifies > authby=rsasig > leftrsasigkey=%cert > leftcert=<cert name> > leftid=<DN> > > and so forth. For the PSK, I simply specify in the specific config > section: > authby=secret > leftid=<IP Address> > > and it seems to work. > > In SSWAN, I get complaints that the ID is not validated by the cert. I > don't want to put the IP in the subjAltName as they may change. More > importantly, if I have specified authby=secret why is it even looking at > the cert? > > I've tried disabling this cert lookup by adding leftrsasigkey=%none and > even leftcert="" but none of that seems to work. How does one get SSWAN > to ignore the default cert when using PSK? Thanks - John > > > _______________________________________________ > Users mailing list > [email protected] > https://lists.strongswan.org/mailman/listinfo/users
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
