[strongSwan] DH group MODP_2048 inacceptable, requesting MODP_1024
kevin.clark at csoft.co.uk
Fri Jan 21 16:10:46 CET 2011
> Your responder configuration uses the IKE proposal
> making modp2048 unacceptable. Please double check ipsec.conf and update
> your proposal configuration.
I have double-checked ipsec.conf and can confirm that an ike configuration is not defined in either a default or specific connection.
In the absence of an ike configuration in ipsec.conf I would have expected all registered algorithms to be supported, but this does not seem to be the case here.
More information about the Users