[Swan] Cisco vpn client forces 1des encryption which libreswan not support
Paul Wouters
paul at nohats.ca
Fri Jul 11 17:34:44 EEST 2014
On Fri, 11 Jul 2014, peter at krajci.sk wrote:
> I followed config tutorial
> https://libreswan.org/wiki/VPN_server_for_remote_clients_using_IKEv1_XAUTH
> with small modifications but cisco vpn client forces 1des encryption which
> libreswan do not support anymore. Is there any solution how to get it work
> with cisco vpn client?
That is a misconfiguration of that client. Please change its
configuration. The Cisco client supports 3DES and most certainly AES.
libreswan will never do 1DES, as it can be broken in hours on a $300
computer.
> Everything works like a charm with shrew soft vpn client, but I want to get
> it work with cisco vpn client. I would be wery glad for every idea.
Look for some options to unset "1des" or "des".
Paul
More information about the Swan
mailing list