Hi,
I have the below in my ipsec.conf:
ike esp from 198.51.100.0/24 to 10.20.30.0/24 \
    local 198.51.100.15 \
    peer 203.0.113.114 \
    main auth hmac-sha2-512 enc aes-256-gcm group modp8192 lifetime 14400 \
    srcid 198.51.100.15 dstid 203.0.113.114 \
    psk "MY_SECRET" \
    tag MY_TAG
Running "doas ipsecctl -nf /etc/ipsec.conf" (to validate the config)
yields no errors.
But running "doas ipsecctl -f /etc/ipsec.conf" (to load the config) yields:
ipsecctl: illegal transform aes-256-gcm
ipsecctl: failed to add ike rule 0