uniqueids=no conn xauth-psk authby=secret pfs=no auto=add rekey=no left=%defaultroute leftsubnet= rightaddresspool= right=%any # make cisco clients happy cisco-unity=yes # address of your internal DNS server modecfgdns= # versions up to 3.22 used modecfgdns1 and modecfgdns2 #modecfgdns1= leftxauthserver=yes … Once the pre-shared key is known MITM attacks to gather the XAuth credentials can easily be executed.

