[strongSwan] Site-to-Site StrongSwan with a Cisco device
Mohammady Mahdy
mohammady.mahdy at getmo.com
Sun Feb 26 14:45:48 CET 2012
Hello Andreas,
Thank you for your swift response.
Does that mean it cannot be done? I also think the Cisco router is running a
linux kernel.
Thanks & Best Regards,
Mo
-----Original Message-----
From: Andreas Steffen [mailto:andreas.steffen at strongswan.org]
Sent: Sunday, February 26, 2012 5:22 PM
To: Mohammady Mahdy
Cc: users at lists.strongswan.org
Subject: Re: [strongSwan] Site-to-Site StrongSwan with a Cisco device
Hello Mo,
strongSwan is aware of the HMAC_MD5_128 algorithm
http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/crypt
o/signers/signer.h;h=e2c224d8bee787f045b1eac2de2042e23d3ee3b8;hb=HEAD#l47
but the current Linux kernel does not support an untruncated 128 bit
MD5 ESP HMAC, so there is not much sense in creating an esp= keyword for it.
Regards
Andreas
On 02/26/2012 01:14 PM, Mohammady Mahdy wrote:
> Hi All,
>
> I am still new to StrongSwan, I am trying to connect to a Cisco
> device, testing on my local servers is working but I faced a problem
> when I attempted connecting to my external target. Mainly they require
> the following for authentication "ESP/MD5/HMAC-128", In the wiki I can
> only see supported key size is 96 bits. Is there any way to do the
> connection via StrongSwan using the given authentication algorithm and key
size?
>
> Thanks & Best Regards,
>
> Mo
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications University of Applied
Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2012.0.1913 / Virus Database: 2114/4833 - Release Date: 02/26/12
More information about the Users
mailing list