> Is there a reason for using "aesxcbc" for ike? Doesn't aes-gcm provide > both authenticity and confidentiality?
It does, but IKE additionally requires a PRF. In this example, aesxcbc is used for that. > Also, if I want to use the transport mode for the above configuration, > do I need to worry about anything? No. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
