Hello,
it seems that Android app doesn't support cipher esp=aes256gcm16-modp2048
When I set it in ipsec.conf:
esp=aes256gcm16-modp2048!
When CHILD_SA is triggered (not IKE_SA), I've got NO_PROPOSAL_CHOSEN
If I leave default value for esp it works without problems.
I guess it is a bug - it sho
Hi,
I know that server version of strongSwan uses retransmission as in [1].
But how can I control this on Android? Is it hardcoded somewhere? If yes,
can somebody help me and point me to the right direction?
Background:
I'm trying to use OTP to authenticate IKEv2. So far, so good, but the main
is
Great, thank you! I used modp3072 and it works.
czw., 9 lut 2017 o 10:35 użytkownik Tobias Brunner
napisał:
> Hi Piotr,
>
> > it seems that Android app doesn't support cipher esp=aes256gcm16-modp2048
>
> Correct. That proposal is not supported by the app, see [1] for the
> list of currently con
Hi Piotr,
> But how can I control this on Android? Is it hardcoded somewhere? If
> yes, can somebody help me and point me to the right direction?
See [1] or [2].
Where is [1] or [2]? :)
> I'm trying to use OTP to authenticate IKEv2. So far, so good, but the
> main issue is to maintain the tun
Hi,
I'm testing the Android app with IKEv2 connection. The app loses connection
randomly, in the log I can see messages:
*error writing to socket: Operation not permitted*
I've set the retransmission to 30 minutes, and after that period, if the
retransmission threshold is reached, I can see mess
Hi,
is it possible to configure custom DH prime and generator? I saw some lines
of code, but it seems that this is not configurable.
Best,
Piotr
