[Ipsec-tools-users] "Encrypt Algorithm Problem "
Brought to you by:
mit_warlord,
netbsd
From: shih l. <se...@ho...> - 2009-11-09 08:59:27
|
hello i'm very confused about this i wnat create three tunnel (transport mode) with different algorithm. my racoon configure +++++++++++++++++++++++++++++++++++++++++++++++++++ path pre_shared_key "/etc/racoon/psk.txt"; path certificate "/etc/racoon/certs"; remote 1.1.1.1 { exchange_mode aggressive, main; my_identifier address; proposal { encryption_algorithm des; hash_algorithm sha1; authentication_method pre_shared_key; dh_group 2; } } remote 2.2.2.2 { exchange_mode aggressive, main; my_identifier address; proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method pre_shared_key; dh_group 2; } } remote 3.3.3.3 { exchange_mode aggressive, main; my_identifier address; proposal { encryption_algorithm aes 128; hash_algorithm sha1; authentication_method pre_shared_key; dh_group 2; } } sainfo anonymous { pfs_group 2; lifetime time 3 min; encryption_algorithm aes 128, des, 3des; authentication_algorithm hmac_sha1, hmac_md5; compression_algorithm deflate; } ++++++++++++++++++++++++++++++++++++++++++++++++++ but when i type setkey -D esp mode=transport spi=75616156(0x0481cf9c) reqid=0(0x00000000) E: aes-cbc e8113057 d745a96f 720ea664 5fb1f0ea every tunnel encrypt with "aes" lsmod +++++++++++++++++++++++ aes 6 des 0 +++++++++++++++++ only the top encryption_algorithm "aes" that in "sainfo anonymous" be use. my racoon.conf miss some thing or incorrect??? please give me any advice. thank a lot. best regard luke shih _________________________________________________________________ 嶄新的 Windows 7:找出適合您的電腦。深入了解。 http://windows.microsoft.com/shop |