[Openswan Users] openswan 2.6.21 not recognize pfsgroup in ipsec.conf
Tuomo Soini
tis at foobar.fi
Tue May 12 04:52:09 EDT 2009
Zhiping Liu wrote:
> HI everyone:
>
> I upgrade openswan from version 2.4.10 to 2.6.21,found that config
> string "pfsgroup" not recoginize in 2.6.21. Searing google...found
> nothing related to my issue.
pfsgroup is removed because pluto will always use group from phase1 as
pfs group. so if you have ike=3des-md5-modp1024 pfsgroup will always be
modp1024. Config option for that is not needed.
--
Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <http://foobar.fi/>
More information about the Users
mailing list