[Vpn-help] 1.1 RC1 Bug?
Matthew Grooms
mgrooms at shrew.net
Mon Sep 18 23:40:10 CDT 2006
Brian Jones wrote:
>
> I'll hit Peter up on that part. I found it odd that I can still connect with
> nothing in the String. Granted I can't create a new hybrid xauth connection,
> I can use the already created without a problem. I wonder if that would be
> the case with an import too, I'll have to try that out.
>
Brian,
If you are sending an asn1dn id, racoon will not verify it anywhere in
hybrid mode even with id checking enabled unless there is a ...
peers_identifier asn1dn "<your id>";
... configured. With hybrid mode, there isn't a whole lot of
verification done by a gateway anyhow as the main authentication is your
user id and password. Its probably best to use a FQDN and set it on the
server so at least with Main Mode ( aka Identity protect ), there is a
bit of added security.
Thanks,
-Matthew
More information about the vpn-help
mailing list