[Swan] Trying to connect using libreswan to a Fortigate IPsec VPN

Dan Stromberg dstromberg at keepersecurity.com
Tue Jul 13 04:04:59 UTC 2021

I just hit upon this way of getting ike-scan to talk to a Fortigate box:

+ ike-scan --multiline --dhgroup=5 --id=officelan --aggressive -v -v -v
DEBUG: pkt len=429 bytes, bandwidth=56000 bps, int=65285 us
Starting ike-scan 1.9.4 with 1 hosts (
Host List:

Entry IP Address Cookie
1 79b5d29790b9681f

Total of 1 host entries.


--- Sending packet #1 to host entry 1 ( tmo 500000 us
--- Received packet #1 from Aggressive Mode Handshake returned
SA=(Enc=3DES Hash=SHA1 Auth=PSK Group=5:modp1536 LifeType=Seconds
KeyExchange(192 bytes)
Nonce(16 bytes)
ID(Type=ID_IPV4_ADDR, Value=
Hash(20 bytes)
VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0)
VID=09002689dfd6b712 (XAUTH)
--- Removing host entry 1 ( - Received 388 bytes

Ending ike-scan 1.9.4: 1 hosts scanned in 0.099 seconds (10.11 hosts/sec).
 1 returned handshake; 0 returned notify

I've tried a number of things in the ike-scan invocation, but the last
thing I changed before it started behaving a little better was to add
--dhgroup=5.

Does that help formulate some educated guesses?
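An added example, not from the post or the libreswan project: a small Python helper that reads the phase-1 SA line and vendor IDs from the ike-scan reply quoted above and prints the matching libreswan conn settings. The ike-scan-to-libreswan name mapping, the conn name and the angle-bracket values are assumptions and placeholders to be filled in for the real peer.

```python
import re

# Constructed excerpt of the ike-scan reply quoted in the post.
IKE_SCAN_OUTPUT = """\
SA=(Enc=3DES Hash=SHA1 Auth=PSK Group=5:modp1536 LifeType=Seconds
VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0)
VID=09002689dfd6b712 (XAUTH)
"""

# Assumed mapping from ike-scan names to libreswan algorithm names.
ENC = {"3DES": "3des", "AES": "aes", "DES": "des"}
HASH = {"SHA1": "sha1", "MD5": "md5", "SHA2-256": "sha2_256"}
AUTH = {"PSK": "secret", "RSA_Sig": "rsasig"}


def parse_sa(output: str) -> dict:
    """Extract phase-1 parameters from an ike-scan aggressive-mode reply."""
    # The SA line may be cut off before its closing ')', so accept end of line too.
    m = re.search(r"SA=\((.*?)(?:\)|$)", output, re.M)
    if not m:
        raise ValueError("no SA payload in ike-scan output")
    params = dict(kv.split("=", 1) for kv in m.group(1).split())
    params["xauth"] = "(XAUTH)" in output
    params["dpd"] = "Dead Peer Detection" in output
    return params


def to_libreswan_conn(params: dict, name: str = "fortigate", local_id: str = "officelan") -> str:
    """Render a libreswan conn that proposes exactly what the peer accepted."""
    group = params["Group"].split(":", 1)[-1]        # "5:modp1536" -> "modp1536"
    ike = f"{ENC[params['Enc']]}-{HASH[params['Hash']]};{group}"
    lines = [
        f"conn {name}",
        "    ikev2=no",            # IKEv1; the peer answered an aggressive-mode probe
        "    aggressive=yes",      # note: aggressive mode + PSK leaks a crackable hash
        f"    ike={ike}",          # single proposal; aggressive mode allows one DH group
        f"    authby={AUTH[params['Auth']]}",
        f"    leftid=@{local_id}",  # must match the --id sent to the peer
        "    right=<fortigate-address>",   # placeholder
        "    rightsubnet=<remote-network>",  # placeholder
    ]
    if params["xauth"]:
        lines += ["    leftxauthclient=yes", "    leftxauthusername=<username>"]
    if params["dpd"]:
        lines += ["    dpddelay=10", "    dpdtimeout=30", "    dpdaction=restart"]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(to_libreswan_conn(parse_sa(IKE_SCAN_OUTPUT)))
```

The PSK itself goes in ipsec.secrets, not in the conn; 3DES/SHA1 in aggressive mode is what this peer offers, so treat it as a compatibility setting rather than a target configuration.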

