--On Wednesday, October 28, 2015 05:18:28 PM +0800 Rayson Zhu
<vfr...@gmail.com> wrote:
yes, but only if you don't use high encryption.
so sad.
On Wed, Oct 28, 2015 at 4:56 PM, Roger Skjetlein
<rskjetl...@netrunner.nu> wrote:
I found out that this combination works with of the devices out
there: ike = 3des-sha1-modp1024
esp = aes256-sha1,aes192-sha1,aes128-sha1
ike=aes256-sha2_512-modp2048,aes256-sha1-modp1024
esp=aes256-sha2_512,aes256-sha1,aes128-sha1
should work too but you still would have the dangerous modp1024 for
Win7 etc.
windows 7 to 10, os x 10.11, ios 8 and 9, android...
On Wed, Oct 28, 2015 at 2:50 AM, Rayson Zhu <vfr...@gmail.com> wrote:
I met this issue too. I have to change my cipher suite to
aes128-sha-1-modp1024 to connect IOS devices.
On Tuesday, October 27, 2015, Tobias Brunner <tob...@strongswan.org>
wrote:
Hi Harald,
> If I got you correctly I would have to move back to DH2, just to
> make the iphone users happy.
Correct, or you use a configuration profile with
DiffieHellmanGroup set to one of the other groups Apple claims to
support (I don't know which of them actually work, though): 2
(Default), 5, 14, 15, 16, 17, or 18.
> Do you know of any commitments from Apple to fix this?
No idea. I wasn't the one adding that information to the wiki.
But you could report the bug to Apple to get a rough idea when it
is fixed. In this case they will close your bug report and mark
it as duplicate and you won't get any direct status updates etc.
but you can see whether the original ticket is still open or not.
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
