[Swan] no (wildcard) connection has been configured with policy PSK+AGGRESSIVE+IKEV1_ALLOW
Paul Wouters
paul.wouters at aiven.io
Mon Mar 14 19:47:01 EET 2022
On Sun, 13 Mar 2022, 1one.w01f wrote:
> Date: Sun, 13 Mar 2022 09:28:57
> From: 1one.w01f <dev.1one.w01f at gmail.com>
> To: swan at lists.libreswan.org
> Subject: Re: [Swan] no (wildcard) connection has been configured with policy
> PSK+AGGRESSIVE+IKEV1_ALLOW
Based on your logs, I think the ike= hash algorithm is the problem:
Mar 13 16:19:32.346942: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346954: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:32.346965: | length/value: 1 (0x1)
That is MD5. Can you tell the other end to use SHA1 or SHA256 instead ?
If not, you can try and add:
ike=3des-md5;modp1536
Paul
More information about the Swan
mailing list