Sorry to propagate misinformation: this expression (suggested to support android) works fine:
esp=aes256-sha2_512,aes256-sha1,aes256-sha2_256,3des-sha1 On my first attempt to try this, I put in a typo that kept my connection from loading from: /etc/ipsec.d/mything.conf But the parent /etc/ipsec.conf loads a default libreswan.conf that kept things from working as expected. So this connection supports iPhone, Windows, and Android with L2TP and PSK: conn L2TP-PSK pfs=no auto=add ikev2=no ike=aes256-sha1-modp1024,aes128-sha1-modp1024,3des-sha1-modp1024 esp=esp=aes256-sha2_512,aes256-sha1,aes256-sha2_256,3des-sha1 authby=secret type=transport left=a.b.c.d leftprotoport=17/1701 right=%any rightprotoport=17/%any dpddelay=30 dpdtimeout=120 dpdaction=clear Thanks again. _______________________________________________ Swan mailing list Swan@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan