tag:blogger.com,1999:blog-7836204352369514180.post8029920647962759537..comments2022-03-25T05:11:20.110+01:00Comments on Around the World in Java: Ubuntu VPN Client SetupHarald Wellmannhttp://www.blogger.com/profile/08039976160321882828noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-7836204352369514180.post-8149184600393335612012-01-08T19:12:01.258+01:002012-01-08T19:12:01.258+01:00Fortigate can NOT use Aggressive mode as per:
http...Fortigate can NOT use Aggressive mode as per:<br />http://wiki.strongswan.org/projects/strongswan/wiki/FAQ<br /><br />ipsec.secret<br />------------<br /><br />user_to_be_used_in_xauth_identity_directive : XAUTH "MyPassword"<br />: PSK "MyPreSharedKey"<br /><br />ipsec.conf<br />----------<br /><br />config setup<br /> interfaces="ipsec0=eth0"<br /> nat_traversal=yes<br /> plutostderrlog=/var/log/pluto.log<br /> plutodebug=all<br /><br />conn %default<br /> keylife=28800<br /> keyexchange=ikev1<br /> authby=xauthpsk<br /> xauth=client<br /> <br />conn spgs<br /> left=%defaultroute<br /> leftid=@mainipsec<br /> # explicit IP address not part of the DHCP pool on Fortigate<br /> leftsourceip=192.168.xxx.xxx<br /> # IP of the Fortigate<br /> right=xxx.xxx.xxx.xxx<br /> rightsubnet=10.0.0.0/16<br /> pfs=yes<br /> ike=3des-sha1-modp1024,aes128-sha1-modp1024<br /> esp=aes128-sha1-modp1536,3des-sha1-modp1536<br /> dpdaction=restart<br /> dpddelay=10<br /> dpdtimeout=30<br /> xauth_identity=user_in_ipsec.secret<br /> auto=addsebushttps://www.blogger.com/profile/13268852894044639403noreply@blogger.com