[Swan] Aggressive mode not possible with Juniper Netscreen
Paul Wouters
paul at nohats.ca
Sun Jan 20 01:24:43 EET 2013
On Fri, 18 Jan 2013, Philippe Vouters wrote:
> In summary, it looks to me there are two issues here :
>
> 1/ Libreswan could be wrongly issuing the packet rejected message meanwhile
> taking the corresponding action.
> 2/ Another problem you seem to face is on your Netscreen side (your traces).
> At the time of the Libreswan packet rejected message, Netscreen would wrongly
> assume it is already phase 2 while Libreswan is still keeping in phase 1.
I'm pretty sure this is 2)
There is a mismatch in configuration.
Paul
More information about the Swan
mailing list