[Swan-dev] ikev2-algo-01-modp2048-initiator
D. Hugh Redelmeier
hugh at mimosa.com
Sat Feb 2 21:40:42 UTC 2019
This failed for me last night
testing/pluto/ikev2-algo-01-modp2048-initiator/OUTPUT/west.console.diff
+002 "westnet-eastnet-ikev2" #1: STATE_PARENT_I1: received unauthenticated v2N_NO_PROPOSAL_CHOSEN - ignored
testing/pluto/ikev2-algo-01-modp2048-initiator/OUTPUT/east.pluto.log
| remote proposal 1 proposed transforms: ENCR+PRF+INTEG+DH; matched: ENCR+DH; unmatched: PRF+INTEG
| remote proposal 1 does not match; unmatched remote transforms: PRF+INTEG
"westnet-eastnet-ikev2" #1: no local proposal matches remote proposals 1:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA1;INTEG=HMAC_SHA1_96;DH=MODP2048
"westnet-eastnet-ikev2" #1: responding to IKE_SA_INIT (34) message (Message ID 0) from 192.1.2.45:500 with unencrypted notification NO_PROPOSAL_CHOSEN
This doesn't look good.
More information about the Swan-dev
mailing list