Hello All,
In the test results page of the wiki for ikev2, the following
configuration is being used.
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev2
ike=aes256gcm16-aesxcbc-modp2048!
esp=aes256gcm16-modp2048!
Is there a reason for using "aesxcbc" for ike? Doesn't aes-gcm provide
both authenticity and confidentiality?
Also, if I want to use the transport mode for the above configuration,
do I need to worry about anything?
Thanks,
Guru
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
