[vpn-help] Can same server config work for iPhone and Shrew? - Phase 1 trouble

Matthew Grooms mgrooms at shrew.net
Tue Feb 14 18:32:54 CST 2012


On 1/19/2012 9:51 AM, Whit Blauvelt wrote:
> On Thu, Jan 19, 2012 at 10:31:44AM -0500, Whit Blauvelt wrote:
>
>> Is Shrew's "Mutual PSK + XAuth" the equivalent of "xauth_psk_client"
>> rather than "xauth_psk_server" on the racoon side? I have no idea what the
>> difference between those two is ...
>
> Well, Googling it, it looks like the server should properly use
> "xauth_psk_server," and the "_client" variant is only for (duh!) a remote
> client. So that shouldn't be it. Although I'm just deducing that from
> examples. Documentation is thin.
>
> Could there be some other setting necessary to get Shrew's "Mutual PSK +
> XAuth" behavior to be accepted by racoon's "xauth_psk_server" expectations?
>

The Admin Guide has a lot of material related to configuring racoon / 
ipsec-tools as a vpn gateway for the vpn client ...

http://www.shrew.net/static/help-2.1.x/vpnhelp.htm

-Matthew



More information about the vpn-help mailing list