It is correct but since those algorithms are in the default set, you can just leave out both lines
Sent from my iPhone > On Nov 12, 2020, at 09:00, [email protected] wrote: > > Hi List! > > I was tasked to set up a site-to-site VPN to a supplier site and decided to > use LibreSwan. > > My platform is CentOS 8.2.2004, LibreSwan is version 3.29-7. > > The remote peer operator sent me the following encryption details but I > didn't find according IKE or ESP cipher/algorithm settings in the list of > supported settings at > > https://libreswan.org/wiki/FAQ > Which ciphers / algorithms does libreswan > support? > > I have to use: > > Phase1 > ====== > - Encryption Algorithm AES-256 > - Hash SHA512 > - Diffie-Hellman 14 > > Phase2 > ====== > - ESP Encryption AES-256 > - Hash SHA512 > - Diffie-Hellman 14 > > I added the following parameters to my ipsec.conf and wonder if they are > supported and if the notation is correct: > > ike=aes256-sha512;dh14 > esp=aes256-sha512;dh14 > > Can anybody confirm if they are correct? > > Thank you very much! > > Best regards > Armin > > __________ Information from mm-lab IT security __________The message was > checked by ESET Mail Security. > _______________________________________________ > Swan mailing list > [email protected] > https://lists.libreswan.org/mailman/listinfo/swan _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
