[Swan] no (wildcard) connection has been configured with policy PSK+AGGRESSIVE+IKEV1_ALLOW (fwd)
Paul Wouters
paul at nohats.ca
Tue Mar 15 17:55:14 EET 2022
On Tue, 15 Mar 2022, 1one.w01f wrote:
> Thank you very much for the suggestion. Unfortunately the client doesn't have options for choosing the
> algorithms. I then added
> ike=3des-md5;modp1536,3des-sha1;modp1536,aes-sha1;modp1536,aes-md5;modp1536
Only use ike=3des-md5;modp1536 as that is the only proposal they are
sending you. Aggressive mode is a bit tricky in you needing to get it
all exactly right. If that by itself does not work, try adding pfs=no
If you can see logs of the fortinet device that would be best, it might
tell you what it does not like.
Paul
More information about the Swan
mailing list