[Openswan Users] ipsec.conf (and ipsec.secrets) parameters
Paul Wouters
paul at xelerance.com
Tue Jan 18 11:29:42 CET 2005
On Tue, 18 Jan 2005, Steve wrote:
> Thanks Paul. I just install the 2.3.0 from source and the man file is in
> place. Anyway, does crypto values (for esp, ike) e.g. aes128-sha1
> documented somewhere in the tar ball? aes-xxx == aes128-xxx?
You can do esp=aes or esp=aes128 pr esp=aes128-sha1 or esp=aes128-sha1-modp2048
Whatever you leave out wildcards to whatever we deem trustworthy enough :)
Currently modp768 and 1DES are NOT trustworthy enough, and will not be
included.
Paul
More information about the Users
mailing list