Evgeniy Sudyr <eject.in.ua <at> gmail.com> writes:
>
> I'm trying to establish IPSEC tunnel (for future usage with npppd
> L2TP) between -snapshot and OS X El Captain 10.11.5 and have issues
> when establishing phase1.
>
> I searched in archives and suggestions doesn't work for me. I tried
> main/quick combinations from dumps (below), which make sense.
>
> Current config is:
>
> ipsec.conf
>
> ike passive esp proto from x.x.x.x to any port 1701 \
> main auth hmac-sha1 enc 3des group modp1024 \
> quick auth hmac-sha1 enc 3des \
> psk "XXX"
...
> I tried all proposals from dump I got from both client packets and
> server site with no luck.
>
> Anybody have success with OS X client and isakmpd? It will be nice to
> see working main and quick config parts.
>
this is an older configuration, but worked for me:
ike passive esp transport \
proto udp from x.x.x.x to any port 1701 \
main auth "hmac-sha1" enc "aes" group modp1024 \
quick auth "hmac-sha1" enc "aes" group modp1024 \
psk "psk goes here"
