Project

General

Profile

Charon-Pluto IKEv1 Interoperability » History » Version 4

Martin Willi, 14.06.2012 11:05

1 2 Andreas Steffen
h1. Charon-Pluto IKEv1 Interoperability
2 1 Andreas Steffen
3 3 Andreas Steffen
* "IKEv1 Interoperability Test Cases":http://www.strongswan.org/uml/pluto_charon_ikev1_interoperability/ between the strongSwan Charon and Pluto daemons.
4 4 Martin Willi
5 4 Martin Willi
h1. Migration from Pluto to Charon
6 4 Martin Willi
7 4 Martin Willi
We've tried hard to support most of pluto configurations in charon. But please keep in mind that IKEv1 in charon is a completely new implementation and that it might behave different thatn IKEv1 in pluto.
8 4 Martin Willi
9 4 Martin Willi
10 4 Martin Willi
h2. Obsolete keywords
11 4 Martin Willi
12 4 Martin Willi
The [[IpsecConf|ipsec.conf]] [[ConfigSetupSection|config setup]] section does not support any of the [[ConfigSetupSection#IKEv1-pluto-daemon-only|Pluto specific]] keywords, nor the _plutostart_, _charonstart_ or _crlcache_ keywords. 
13 4 Martin Willi
14 4 Martin Willi
NAT-Traversal is always enabled in charon, for both IKEv1 and IKEv2. The IKEv2 _eap_ keywords has been removed.
15 4 Martin Willi
16 4 Martin Willi
h2. Deprecated, but still supported keywords
17 4 Martin Willi
18 4 Martin Willi
The _authby_ and _xauth_ keywords are still supported, but deprecated. Please migrate your installation to the _leftauth_ / _rightauth_ keywords. XAuth is configured as multiple rounds using _leftauth2_ / _rightauth2_ keywords (i.e. _leftauth=pubkey_, _leftauth2_=xauth). To configure the new Hybrid Mode, define _leftauth=xauth_ and _rightauth=pubkey_.