Victor Sudakov wrote: > Tobias Brunner wrote: > > > > > esp=3des-sha1! > > > > PFS is enabled if you add a DH group to the ESP proposal. > > I suspected that, but Windows offers two knobs which can be enabled > independently, that's the confusion. > > Here is what I've been able to gather from some Windows networking > cookbooks about those knobs: > http://admin.sibptus.ru/~vas/SessionVsMasterPFS.png
So, does anyone have an idea what those knobs could mean to Strongswan while selected/deselected in Windows independently from each other? -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/
