[Openswan Users] Check ESP support
Bruno Galindro da Costa
bruno.galindro at gmail.com
Wed Dec 17 06:18:20 EST 2014
How can I check if my ipsec service and my *O.S.* has ESP encryption
support? I can only establish Phase 1 and 2 using 3des:
ike=3des-sha1-modp1024
esp=3des-sha1
# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path
[OK]
Linux Openswan U2.6.38/K3.13.0-29-generic (netkey)
Checking for IPsec support in kernel [OK]
SAref kernel support [N/A]
NETKEY: Testing XFRM related proc values [OK]
[OK]
[OK]
Checking that pluto is running [OK]
Pluto listening for IKE on udp 500 [OK]
Pluto listening for NAT-T on udp 4500 [OK]
Checking for 'ip' command [OK]
Checking /bin/sh is not /bin/dash [WARNING]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
2014-12-17 9:17 GMT-02:00 Bruno Galindro da Costa <bruno.galindro at gmail.com>
:
>
> How can I check if my ipsec service and my S.O. has ESP encryption
> support? I can only establish Phase 1 and 2 using 3des:
>
> ike=3des-sha1-modp1024
> esp=3des-sha1
>
> # ipsec verify
> Checking your system to see if IPsec got installed and started correctly:
> Version check and ipsec on-path [OK]
> Linux Openswan U2.6.38/K3.13.0-29-generic (netkey)
> Checking for IPsec support in kernel [OK]
> SAref kernel support [N/A]
> NETKEY: Testing XFRM related proc values [OK]
> [OK]
> [OK]
> Checking that pluto is running [OK]
> Pluto listening for IKE on udp 500 [OK]
> Pluto listening for NAT-T on udp 4500 [OK]
> Checking for 'ip' command [OK]
> Checking /bin/sh is not /bin/dash [WARNING]
> Checking for 'iptables' command [OK]
> Opportunistic Encryption Support [DISABLED]
>
>
> --
> Att.
> Bruno Galindro da Costa
>
--
Att.
Bruno Galindro da Costa
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20141217/44624eac/attachment.html>
More information about the Users
mailing list