[Openswan Users] IKE / ESP
David Prestwich
dprestwich at pacsim.com
Thu Nov 18 18:05:14 CET 2004
What do I set the ike and esp values to for Openswan when the other end
is a cisco concentrator? I'm failing on the second proposal and believe
it has to do with my settings.
###Cisco specs ###
1. Peer IP address - X.X.X.X
2. Preshared Key - as discussed
3. IKE proposal -- proposed
Authentication Mode - preshare
Authentication Algorithm- SHA/HMAC
Encryption Algorithm - 3DES-168
Diffie-Hellman Group- group 2
Data Lifetime - 10000 kilobytes (KB).
Time Lifetime - 86400 Sec
4. IPSec SA -- proposed
Authentication Algorithm - ESP/SHA/HMAC-160
Encryption Algorithm - 3DES 168
Encapsulation Mode - tunnel
Lifetime Measurement - both (data/time)
data lifetime - 10000 kilobytes (KB)
time lifetime - 28800 seconds
I've only done the 3DES-md5 one - not sure about the settings for sha
More information about the Users
mailing list