[strongSwan] sha2_256_96 and IKEv2
Gabriel VLASIU
gabriel at vlasiu.net
Mon Apr 19 12:53:13 CEST 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all.
pluto works fine with:
ike=aes256-sha2_512-modp8192!
esp=aes256-sha2_256_96-modp8192!
charon does not like esp part:
charon: 04[CFG] an algorithm from private space would match, but peer implementation is unknown, skipped
charon: 04[CFG] received proposals: ESP:AES_CBC_256/HMAC_SHA2_256_96/NO_EXT_SEQ
charon: 04[CFG] configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_96/MODP_8192/NO_EXT_SEQ
charon: 03[IKE] no acceptable proposal found
.....
charon: 03[CFG] an algorithm from private space would match, but peer implementation is unknown, skipped
charon: 03[CFG] received proposals: ESP:AES_CBC_256/HMAC_SHA2_256_96/MODP_8192/NO_EXT_SEQ
charon: 03[CFG] configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_96/MODP_8192/NO_EXT_SEQ
charon: 03[IKE] no acceptable proposal found
Using sha1 instead of sha2_512 and everything works fine.
So, how coud I fix this? Thank you.
Sincerely,
Gabriel
- --
// Gabriel VLASIU
//
// OpenGPG-KeyID : 0xE684206E
// OpenGPG-Fingerprint: 0C3D 9F8B 725D E243 CB3C 8428 796A DB1F E684 206E
// OpenGPG-URL : http://www.vlasiu.net/public.key
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFLzDYdeWrbH+aEIG4RAr+2AKCExcshm9h4Ft62htkCGQ3XE8BQggCdFbez
LW1Gu3slHeGp81vMLeKR2Qo=
=lkV/
-----END PGP SIGNATURE-----
More information about the Users
mailing list