On Thu, 9 Apr 2015, Antonio Scattolini wrote:
But phase2alg is supported in openswan 2.4.6? I know it is in libreswan 3.12. I added it at both ends, still no connection...
#21339: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 #21339: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=RSA_SIG cipher=oakley_3des_cbc_192 integ=5 group=MODP1536} #20842: the peer proposed: 192.168.5.0/24:0/0 -> 192.168.3.0/24:0/0 #21340: IPsec encryption transform did not specify required KEY_LENGTH attribute
conn end1-end2 auto=start compress=yes authby=rsasig left=a.b.c.d leftsubnet=192.168.5.0/24 [email protected] right=%defaultroute rightsubnet=192.168.3.0/24 [email protected] leftrsasigkey=0sAQPmt... rightrsasigkey=0sAQN0...
Add: phase2alg=aes128-sha1;modp1536 they issue is "aes" vs "aes128" that will send the KEY_LENGTH attribute. Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
