[Openswan Users] IOS Cisco - bug
dprestwich at pacsim.com
Wed Feb 11 08:41:50 CET 2004
I am using an outdated freeswan 1.95 that works great but doesn't have
all the functionality that the newer versions have. (I plan on
upgrading just need the time and resources). I've ran into a little
snag with a cisco IOS version 12.2 this past week and I know that it is
a fault in the way it runs their proposal. In essence, freeswan sends
out all the proposals as it should yet IOS fails on the first proposal
of 3DES because the domain admin on the other side has set the
configuration to DES. I asked if he would switch this to 3DES but he
states he can't until he does an upgrade on their side to allow 3DES.
During the connection the SA is established but no proposal is chosen
because their side does not want to get set to 3DES. I can use DES on
my 1.95 version and am using it currently with several sites. My
question is: (and I'm pretty sure I know the answer) can I set 1.95 to
tell it which level of encryption to use? I know in the newer version
you can define say DES or 3DES but can you do this with the older ones?
I don't think that you can. Any feedback would be great. Thanks.
More information about the Users