[Vpn-help] PSK client with asn1dn server?

Peter Eisch peter at boku.net
Fri Sep 15 10:46:35 CDT 2006


I changed my testing server back to 'my_identifier asn1dn' and [re]connected
with the mutual-psk-xauth config and it connected.  Does this make sense?
How could the client auth the server?  The server seems to go through the
motions of doing RSA steps (still not an expert on reading racoon's -ddd
output) even though the phase 1 proposal is matched for PSK.  Is this
intentional or a bug?
 
It would seem to me that the client should make some effort to auth the
server given the policy. Oddly I like the behavior, but it doesn't seem to
make any sense or could be seen to be a security hole.
 
Bewildered,
 
peter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cow PSK Xauth.vpn
Type: application/octet-stream
Size: 907 bytes
Desc: not available
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20060915/f5a60859/attachment-0001.obj>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: logfile.txt
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20060915/f5a60859/attachment-0001.txt>

