[Openswan Users] sha2_512 centos
Andrei Muresanu
andrei.muresanu at gmail.com
Fri May 30 10:10:09 EDT 2014
Hi all,
I am trying to establish a vpn tunnel with
ike=aes256-sha2_512;modp1536
but am getting:
| proposal 1 succeeded encr= (policy:aes-cbc vs offered:aes-cbc)
| failed integ=(policy:auth-none vs
offered:AUTH_HMAC_SHA2_512_256)
| failed prf= (policy:(null) vs offered:prf-hmac-sha2-512)
| succeeded dh= (policy:OAKLEY_GROUP_MODP1536 vs
offered:OAKLEY_GROUP_MODP1536)
if i try with
ike=aes256-sha2_256;modp1536
failed integ & failed prf fail "successfully" (they show up correctly in
the log but check fails due to them being different from sha2_512 which is
requested by other gateway)
would work with sha2_384 (accepted by other gateway) but ipsec auto
--status does not list it and if i try pluto segfaults with
"oakley_alg_makedb() ike hash halg=5 not present" (sha2_384 would be halg
id 5 i guess)
any ideas ????
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140530/d50a9c24/attachment.html>
More information about the Users
mailing list