> Use AES, it's faster, and at least as secure as 3DES > using 128-bit keys.
Didn't work! Snooping traffic, I see the laptop sending ESP packets to the FW, but I get nothing back. I'm going to need more information. Much more. Which files was I supposed to modify? I modified /etc/hostname.ip.tun0 with the above parameters (encr_algs aes encr_auth_algs sha1), like so: /etc/hostname.ip.tun0: ###.BBB.2.1/16 ###.BBB.2.2 tsrc ###.AAA.2.1 tdst ###.AAA.2.2 encr_algs aes encr_auth_algs sha1 up Where "AAA" = n, and "BBB" = n + 1. Looks like I also need to modify /etc/inet/ike/config? What did I miss? What needs to be in there to support the above combination? This message posted from opensolaris.org
