[strongSwan] what is the default value of the cipher suite?
nanjian5
nanjian5 at gmail.com
Mon Jul 11 15:18:36 CEST 2011
Hi all,
I just want to know what is the default value of the cipher suite if
the *ike* and *esp* directives in
ipsec.conf<http://wiki.strongswan.org/projects/strongswan/wiki/IpsecConf>
are
not specified in IKEv2. Maybe this is a simple question. But I can not find
it in the manual of strongswan 4.5.2.
In my mind I though it will support all the combination of the cipher
suites. But I get confused in the following scenario when the *ike* and *
esp* directives in
ipsec.conf<http://wiki.strongswan.org/projects/strongswan/wiki/IpsecConf>
are
not specified:
1. It always says it is inacceptable for the MODP 1024, and request
MODP 2048 for PSK.
But it can establish the IKE SA and child SA with MODP 1024 for
EAP-AKA
2. It can establish the IKE SA and child SA for EAP-AKA.
But it always says the cipher suite is inacceptable for rekeying
the child SA.
Best regards,
nanjian5
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110711/3a35a90a/attachment.html>
More information about the Users
mailing list