We are trying to limit the set of algorithms to negotiate for IKE and ESP.
In IPSEC.CONF this is done by adding “!”.
If we apply the same “!” at the end of list, are get a message “loading
connection TEST failed : invalid value for: proposals, config discarded “
Here is an example:
vici_begin_list(req,"*proposals*");
vici_add_list_itemf(req,"%s","aes256-sha512-sha384-sha256-sha-ecp256-modp2048-prfsha1
!");
vici_end_list(req);
Is there a way to limit the proposals in VICI ?
Thanks,
-Marc
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
