The PIX is used as Easy VPN server and L2L gateway in the same time. I have difficulties with a new L2L VPN (isakmp authentication rsa-sig) because the PIX sends Xauth and Modecfg requests and the peer (Linux box with OpenSwan) tries to interpret them (received MODECFG message when in state STATE_MAIN_I4, and we aren't xauth client) and the VPN setup fails after phase 1.
I tried to disable Xauth and Modecfg for this peer with "isakmp peer fqdn FQDN no-xauth no-config-mode" but the PIX still sends the Xauth and Modecfg requests.
Can anyone give a clue what FQDN should be? (from DNS using reverse lookup for peers IP, or the FQDN from the certificate, any other tips?)