[Openswan Users] Check ESP support

Bruno Galindro da Costa bruno.galindro at gmail.com
Mon Jan 12 09:25:07 EST 2015 

Any return??

2014-12-17 9:18 GMT-02:00 Bruno Galindro da Costa <bruno.galindro at gmail.com>
:

> How can I check if my ipsec service and my *O.S.* has ESP encryption
> support? I can only establish Phase 1 and 2 using 3des:
>
>
>     ike=3des-sha1-modp1024
>     esp=3des-sha1
>
> # ipsec verify
> Checking your system to see if IPsec got installed and started correctly:
> Version check and ipsec on-path
>           [OK]
> Linux Openswan U2.6.38/K3.13.0-29-generic (netkey)
> Checking for IPsec support in kernel                            [OK]
>  SAref kernel support                                           [N/A]
>  NETKEY:  Testing XFRM related proc values                      [OK]
>     [OK]
>     [OK]
> Checking that pluto is running                                  [OK]
>  Pluto listening for IKE on udp 500                             [OK]
>  Pluto listening for NAT-T on udp 4500                          [OK]
> Checking for 'ip' command                                       [OK]
> Checking /bin/sh is not /bin/dash                               [WARNING]
> Checking for 'iptables' command                                 [OK]
> Opportunistic Encryption Support                                [DISABLED]
>
>
>
>
> 2014-12-17 9:17 GMT-02:00 Bruno Galindro da Costa <
> bruno.galindro at gmail.com>:
>
>> How can I check if my ipsec service and my S.O. has ESP encryption
>> support? I can only establish Phase 1 and 2 using 3des:
>>
>>     ike=3des-sha1-modp1024
>>     esp=3des-sha1
>>
>> # ipsec verify
>> Checking your system to see if IPsec got installed and started correctly:
>> Version check and ipsec on-path                                 [OK]
>> Linux Openswan U2.6.38/K3.13.0-29-generic (netkey)
>> Checking for IPsec support in kernel                            [OK]
>>  SAref kernel support                                           [N/A]
>>  NETKEY:  Testing XFRM related proc values                      [OK]
>>     [OK]
>>     [OK]
>> Checking that pluto is running                                  [OK]
>>  Pluto listening for IKE on udp 500                             [OK]
>>  Pluto listening for NAT-T on udp 4500                          [OK]
>> Checking for 'ip' command                                       [OK]
>> Checking /bin/sh is not /bin/dash                               [WARNING]
>> Checking for 'iptables' command                                 [OK]
>> Opportunistic Encryption Support                                [DISABLED]
>>
>>
>> --
>> Att.
>> Bruno Galindro da Costa
>>
>
>
> --
> Att.
> Bruno Galindro da Costa
>



-- 
Att.
Bruno Galindro da Costa
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20150112/804f3c3f/attachment.html>

More information about the Users mailing list