Hi Rajiv,
connection:
remote {
auth = psk
id = keyid:test
}
secrets:
ike-test {
id = keyid:test
secret = QuebooNa$976
}
On 07.10.2020 01:29, Rajiv Kulkarni wrote:
sorry there was a typo....i meant to use as below:
secrets {
tst1 {
id = @#0x636973636f617361
secret = test123456789
}
}
would this work?
thanks
Rajiv
On Wed, Oct 7, 2020 at 3:57 AM Rajiv Kulkarni
<[email protected] <mailto:[email protected]>> wrote:
Hi
Iam also interested to know how to configure with "swanctl.conf"....
would this config method work?
=================================================
connections {
...........
.....................
remote {
id = keyid:ciscoasa
auth = psk
}
...
..............
}
secrets {
tst1 {
id = @#636973636f617361
secret = test123456789
}
}
=======================================
With ipsec.conf, i have been configuring as below and this works
very successfully:
=======================
conn testserver1
left=172.29.100.74
right=%any
leftid=172.29.100.74
rightid=keyid:svtgrp1
.....
auto=add
....
and in the ipsec.secrets file, i configured as below:
172.29.100.74 @#0x73767467727031 : PSK "Admin$123456789"
============================================================
Iam planning to move to swanctl.conf....hence wanting to confirm
thanks & regards
Rajiv
On Tue, Sep 15, 2020 at 2:16 PM Tobias Brunner
<[email protected] <mailto:[email protected]>> wrote:
Hi Volodymyr,
> ikev2-cisoasa {
> remote_addrs = %any
> local { ... }
> remote {
> auth = psk
> id = @#636973636f617361
This can't work. The # character is used for comments, so you
basically
configured an empty FQDN identity. Either wrap this string in
quotes
id = "@#636973636f617361"
or use the keyid: prefix
id = keyid:ciscoasa
Regards,
Tobias
--
Volodymyr Litovka
"Vision without Execution is Hallucination." -- Thomas Edison
