Can the IPFire support Aggresive mode VPN?

Hi all,

I have a DHCP Private wan IP for the branch PaloAlto Firewall.
I want that branch build a S2S VPN to my IPFire @ HQ with real wan IP.

I do believe Aggressive mode with local and peer id auth VPN is needed for this case.

But I can not find any Gui Aggresive mode supported from the IPFire Gui, can anyone advise?

Thanks,

It can use it but only with manual changes to the strongwan config but
you should avoid this at any costs because “Aggressive mode” means “no vpn” because this part of IKEv1 is unfixable broken.

https://docs.strongswan.org/docs/5.9/support/faq.html

3 Likes

Great help, thx

As Arne said, please don’t use aggressive mode. Ever.