[Openswan Users] Using 1DES :(
Paul Wouters
paul at xelerance.com
Tue Aug 30 19:16:08 CEST 2005
On Tue, 30 Aug 2005, Rajkumar S wrote:
> I am writing to this list after wracking my brain for past 36 hours :(
>
> My objective is to connect a linux box to a pix vpn. The pix can only
> support DES. So I downloaded super-freeswan-1.99.8 and compiled it with
> linux-2.4.21.
I'd recommend using openswan-2, or at the very least openswan-1. openswan-1
is based off superfreeswan and has a few security fixes.
1DES is not enabled or compiled in per default. For openswan-2, this is
changable by setting the USE_WEAKSTUFF=true in Makefile.inc.
I don't have access to an openswan-1 tree currently to see if it uses
the same variable.
Paul
More information about the Users
mailing list