[Openswan Users] IKE SHA type question

Paul Wouters paul at xelerance.com
Thu Jul 15 13:21:21 EDT 2010

On Thu, 15 Jul 2010, Kevin White wrote:

> I'm trying to set up a VPN between Openswan and a Cisco device.  I'm
> using Openswan 2.4.9.

Upgrade to at least 2.4.15 and try again.

> This is wanted:
> AES_CBC(7)_256-SHA1(2)-MODP1536(5)
> This is found:
> AES_CBC(7)_256-SHA1(2)_160-MODP1536(5)
> I kind of thought those two things were the same, but they appear to
> look different...so I'm not sure if this means I'm getting stuck at IKE.

I think those are the same....

Many cisco interops were fixed. 2.4.15 or 2.6.27 is recommended.


More information about the Users mailing list