[Vpn-help] 1.1 RC1 Bug?
mgrooms at shrew.net
Mon Sep 18 23:40:10 CDT 2006
Brian Jones wrote:
> I'll hit Peter up on that part. I found it odd that I can still connect with
> nothing in the String. Granted I can't create a new hybrid xauth connection,
> I can use the already created without a problem. I wonder if that would be
> the case with an import too, I'll have to try that out.
If you are sending an asn1dn id, racoon will not verify it anywhere in
hybrid mode even with id checking enabled unless there is a ...
peers_identifier asn1dn "<your id>";
... configured. With hybrid mode, there isn't a whole lot of
verification done by a gateway anyhow as the main authentication is your
user id and password. Its probably best to use a FQDN and set it on the
server so at least with Main Mode ( aka Identity protect ), there is a
bit of added security.
More information about the vpn-help