[Swan-dev] Did Libreswan address these two issues with a Cisco IOS peer ??????
Muenz, Michael
m.muenz at spam-fetish.org
Mon Feb 24 12:37:37 EET 2014
Am4.02.2014 07:40, schrieb Paul Wouters:
> On Mon, 24 Feb 2014, Philippe Vouters wrote:
>
>> By the way, with Cisco IOS, PSK implies Aggressive mode; RSA implies
>> Main mode.
>
> Not always. Cisco can do PSK with Main Mode as well. Perhaps the GUI
> does not allow it, but the CLI does allow it. At least in some Cisco's
> I have seen.
>
Can't find the original mail with the Aggressive mode stuff, but for
Site-2-Site VPNs, Cisco always uses MM per default, only the client
implies AM.
I'm back at work in 3 weeks, then I can offer you full access to
multiple routers with different IOS if you like.
If you have an address in Germany I could spend some old 836 routers and
a 886 (with defect ATM, but Ethernet is fine) for testing.
Michael
--
www.muenz-it.de
- Cisco, Linux, Networks
More information about the Swan-dev
mailing list