[Vpn-help] 1.1 RC1 Bug?

Matthew Grooms mgrooms at shrew.net
Mon Sep 18 23:40:10 CDT 2006

Brian Jones wrote:
> I'll hit Peter up on that part. I found it odd that I can still connect with
> nothing in the String. Granted I can't create a new hybrid xauth connection,
> I can use the already created without a problem.  I wonder if that would be
> the case with an import too, I'll have to try that out.


If you are sending an asn1dn id, racoon will not verify it anywhere in 
hybrid mode even with id checking enabled unless there is a ...

peers_identifier asn1dn "<your id>";

... configured. With hybrid mode, there isn't a whole lot of 
verification done by a gateway anyhow as the main authentication is your 
user id and password. Its probably best to use a FQDN and set it on the 
server so at least with Main Mode ( aka Identity protect ), there is a 
bit of added security.



More information about the vpn-help mailing list