[Openswan Users] Question on ciphers

Mihir Shirali -X (mshirali - INFOSYS LIMITED at Cisco) mshirali at cisco.com
Wed Jul 22 12:21:02 EDT 2015

Hi All,

I'm using RHEL 6.6 and openswan-2.6.32-37.el6.x86_64
I had a couple of questions related to ciphers:
1 - When I run the ipsec auto -status, I do see Blowfish listed as one of the available ciphers:
ipsec auto --status | grep BLOW
000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40, keysizemax=448

However, when I plug this into my config file, the tunnel does not come up. Could you please let me know if Blowfish is something which is unsupported

2 - I believe esp cipher can be specified as follows
                aes-sha1 OR
How does OpenSwan treat these 2 internally. Are they treated as 2 separate ciphers or the same one?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20150722/23318cba/attachment.html>

More information about the Users mailing list