>/usr/local/sbin/choparp fxp0 auto 10.0.0.128/30 </dev/null >/dev/null
>(all on one line, with the proper XML escaping of course)
Thanks, I can confirm that this works fine, if escaped as
<shellcmd>/usr/local/sbin/choparp fxp0 auto 10.0.0.128/30 </dev/null
>/dev/null 2>&1 & </shellcmd>
and if I use the "aggressive" mode of IPSec.
But, for security reasons, as soon as I change to "normal" mode the
IPSec tunnel does not come up anymore (agressive is known as easy to
crack even with longer pre-shared keys). Even though the tunnel was fine
in agressive mode, and I did not change any parameter other than the mode.
Any suggestions what I might have overlooked?