Hi Björn, > initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP
> esp=aes128-sha1,aes128-md5,aes256-md5,aes256-sha1,3des-sha1,3des-md5 Your old GW seems to use PFS, but in your 5.1.1 installation you don't include any DH groups in the esp proposal. To enable PFS in 5.1.1, you'll have to add a DH group to each proposal. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
