[Openswan Users] Openswan support for Ipsec v3
Paul Wouters
paul at xelerance.com
Wed Nov 4 04:14:40 EST 2009
On Tue, 3 Nov 2009, Gupta, Deepak (Deepak) wrote:
> Can someone shed some light on openswan's support for Ipsec version 3 (RFC4301 & RFC4303)? Does openswan 2.6.14 support these RFC's fully?
I'm not sure about "fully".
> Aes128-cbc for enc
Yes.
> HMAC SHA 256 for integrity
Yes.
> 2048RSA-SHA256 for peer auth
This is not esp but ike?
> For IKE:
>
> HMAC-SHA1
Yes
> 2048modp (DH Group)
Yes
> HMAC-SHA256 for integrity
Yes
> 2048RSA-SHA256 for peer auth
Yes.
Paul
More information about the Users
mailing list