[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ISAKMP problem

To: "Luke Renn" <lrenn@etci.com>
Subject: Re: ISAKMP problem
From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>
Date: Mon, 07 Feb 2000 16:01:30 -0500
Cc: retrev@csh.rit.edu, tech@openbsd.org


In message <00ec01bf718a$29fc2840$0a83a8c0@localnet>, "Luke Renn" writes:
>This only took me two months to figure out :(
>
>Change your policy file to something like this (exactly like this):
>
>KeyNote-Version: 2
>Comment: This policy accepts ESP SAs from a remote that uses the right
>password
>Authorizer: "POLICY"
>Licensees: "thisismypassphrase"
>Conditions: app_domain == "IPsec policy" &&
>            esp_present == "yes" -> "true";
>
>note that the "passphrase:thisismypassphrase" isn't there.  leave the
>"passphrase:" out.  And make you don't have the lines from from the example
>that start with $OpenBSD something or other.  Let me know if you have more
>problems.

If you're running -current, you must have the "passphrase:" prefix.
-Angelos

Follow-Ups:
- Re: ISAKMP problem
  - From: "Luke Renn" <lrenn@etci.com>

References:
- Re: ISAKMP problem
  - From: "Luke Renn" <lrenn@etci.com>

Prev by Date: where are these functions?
Next by Date: Re: ISAKMP problem
Prev by thread: Re: ISAKMP problem
Next by thread: Re: ISAKMP problem
Index(es):
- Date
- Thread