Hi all,
I just want to know what is the default value of the cipher suite if
the *ike* and *esp* directives in
ipsec.conf<http://wiki.strongswan.org/projects/strongswan/wiki/IpsecConf>
are
not specified in IKEv2. Maybe this is a simple question. But I can not find
it in the manual of strongswan 4.5.2.
In my mind I though it will support all the combination of the cipher
suites. But I get confused in the following scenario when the *ike* and *
esp* directives in
ipsec.conf<http://wiki.strongswan.org/projects/strongswan/wiki/IpsecConf>
are
not specified:
1. It always says it is inacceptable for the MODP 1024, and request
MODP 2048 for PSK.
But it can establish the IKE SA and child SA with MODP 1024 for
EAP-AKA
2. It can establish the IKE SA and child SA for EAP-AKA.
But it always says the cipher suite is inacceptable for rekeying
the child SA.
Best regards,
nanjian5
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
