[Swan] Dropping AUTH message containing INITIAL_CONTACT on OSX and Win10

Paul Wouters paul at nohats.ca
Wed Jan 9 18:07:09 UTC 2019


On Wed, 9 Jan 2019, Derek Cameron wrote:

> 
> Thanks for your help. You're welcome to copy and paste anything you
> like from my blog post
> https://dc77312.wordpress.com/2019/01/09/libreswan-ipsec-ikev2-vpn-on-rhel-8-beta-server-and-windows-10-client/

Thanks, I'll see about merging it onto the libreswan wiki. Thanks for
the permission!

Some notes:

- Please use "libreswan" or "Libreswan", not "LibreSwan" :)
- Does it survive rekeying? You might want/need to add
   msdh-downgrade=yes to allow rekeying without or with wrong/bad
   DH group 1024 (perhaps the latest Windows build fixed this?)
- I think you can fixup the authentication without using powershell,
   but I would have to reclick through a windows box again to remember
   how I did that.

Paul


More information about the Swan mailing list