[Openswan Users] ipsec.conf (and ipsec.secrets) parameters

Paul Wouters paul at xelerance.com
Tue Jan 18 11:29:42 CET 2005

On Tue, 18 Jan 2005, Steve wrote:

> Thanks Paul. I just install the 2.3.0 from source and the man file is in 
> place. Anyway, does crypto values (for esp, ike) e.g. aes128-sha1 
> documented somewhere in the tar ball? aes-xxx == aes128-xxx?

You can do esp=aes or esp=aes128 pr esp=aes128-sha1 or esp=aes128-sha1-modp2048

Whatever you leave out wildcards to whatever we deem trustworthy enough :)
Currently modp768 and 1DES are NOT trustworthy enough, and will not be


More information about the Users mailing list