ISAKMP exchange type Base (1)
-
Hi all
is there any option to configure ISAKMP exchange type as Base (1) option in the pfSense?
I have to connect to a VPN server which supports ISAKMP exchange type as Base (1) as we have the client machine ready which supports only this option of isakmp…. -
It looks like racoon does support that, I'm not sure why we don't offer it as an option.
From racoon.conf(5)
exchange_mode (main | aggressive | base);
Defines the exchange mode for phase 1 when racoon is the
initiator. It also means the acceptable exchange mode
when racoon is the responder. More than one mode can be
specified by separating them with a comma. All of the
modes are acceptable. The first exchange mode is what
racoon uses when it is the initiator.Edit /usr/local/www/vpn_ipsec_phase1.php, and on line 631, change this:
$modes = array("main","aggressive");
To this:
$modes = array("main","aggressive","base");
Then it should be an option in the GUI
-
Or install the System Patches package and apply the following patch:
https://github.com/bsdperimeter/pfsense/commit/d5d1554278233af6817d14a5a33444e2fdb7f1b9