[Openswan Users] Openswan support for Ipsec v3

Paul Wouters paul at xelerance.com
Wed Nov 4 04:14:40 EST 2009


On Tue, 3 Nov 2009, Gupta, Deepak (Deepak) wrote:

> Can someone shed some light on openswan's support for Ipsec version 3 (RFC4301 & RFC4303)?  Does openswan 2.6.14 support these RFC's fully?

I'm not sure about "fully".

> Aes128-cbc for enc

Yes.

> HMAC SHA 256 for integrity

Yes.

> 2048RSA-SHA256 for peer auth

This is not esp but ike?

> For IKE:
>
> HMAC-SHA1

Yes

> 2048modp (DH Group)

Yes

> HMAC-SHA256 for integrity

Yes

> 2048RSA-SHA256 for peer auth

Yes.

Paul


More information about the Users mailing list