Jarkko Teppo <jht380@luukku.com> wrote:

> > Using the patch below, I was able to establish a phase 2 SA with
> > rijndael-cbc between ipsec-tools racoon and KAME racoon (both hosts
> > running NetBSD). Does that fix the issue for you?  
> > 
> 
> A similar change I made fixed my AES problems.
> 
> Still can't get over this though (with Cisco vpn-client 4.0.5(c)):
> 
>  ERROR: Hybrid auth negotiated but peer did not succeed Xauth
>  exchange
> 
> But that's probably some mistake I've made in the configuration. 

Try upgrading the Cisco VPN client?

-- 
Emmanuel Dreyfus
Il y a 10 sortes de personnes dans le monde: ceux qui comprennent 
le binaire et ceux qui ne le comprennent pas.
manu@netbsd.org