[Openswan Users] config problem
Paul Wouters
paul at xelerance.com
Mon Aug 29 18:02:17 CEST 2005
On Mon, 29 Aug 2005, Szentmarjay Tibor wrote:
> "now phase 2 parameters are wrong. The following should be set:
>
> Security association lifetime: 3600 seconds
> PFS (Y/N): Y
> DH group: group5
> Transform set: esp-3des esp-sha-hmac"
>
> What shall I write to the config?
>
> Now the config is:
> conn vodafone
> left=195.70.36.112
> leftsubnet=195.70.36.0/24
> leftnexthop=%defaultroute
> right=80.244.96.229
> rightsubnet=80.244.96.0/24
> rightnexthop=%defaultroute
> keyingtries=0
> pfs=yes
> auth=esp # vagy ah
> auto=start
> ike=3des-md5-modp1024
> esp=3des-md5
Change the md5 entries to sha, and the modp entry to 1536
Paul
More information about the Users
mailing list