[Openswan Users] sha2_512 centos

Andrei Muresanu andrei.muresanu at gmail.com
Fri May 30 10:10:09 EDT 2014

Hi all,

I am trying to establish a vpn tunnel with


but am getting:

| proposal 1 succeeded encr= (policy:aes-cbc vs offered:aes-cbc)
|             failed integ=(policy:auth-none vs
|             failed prf=  (policy:(null) vs offered:prf-hmac-sha2-512)
|             succeeded dh=   (policy:OAKLEY_GROUP_MODP1536 vs

if i try with


failed integ & failed prf fail "successfully" (they show up correctly in
the log but check fails due to them being different from sha2_512 which is
requested by other gateway)

would work with sha2_384 (accepted by other gateway) but ipsec auto
--status does not list it and if i try pluto segfaults with
"oakley_alg_makedb() ike hash halg=5 not present" (sha2_384 would be halg
id 5 i guess)

any ideas ????
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140530/d50a9c24/attachment.html>

More information about the Users mailing list