Prabhu Gurumurthy wrote: > Steven Surdock wrote: ... > > I too have the same problem. > I have a Lan 2 Lan tunnel with pfsync, carp, sasync and it > works flawlessly with > another OpenBSD system as the peer. > > I tried to enable OpenBSD to PIX tunnel (PIX 501, OS: 6.3(5)) > > I defined "quick auth hmac-sha enc aes", when I do that I get phase 1 > completed. > > ipsec.conf > ike esp from 172.30.75.0/24 to 192.168.137.0/24 \ > local 10.200.3.7 peer 10.200.3.1 \ > main auth hmac-sha1 enc aes \ > quick auth hmac-sha enc aes \ > srcid 10.200.3.7 psk "F00F00Bar" > ... I don't think "hmac-sha" is a valid argument for your Phase II.
-Steve S.
