[Swan] Android VPN not passing any traffic, OSX does work
Paul Wouters
paul at nohats.ca
Mon Mar 13 11:20:15 UTC 2017
On Mon, 13 Mar 2017, Tuomo Soini wrote:
>> On Sun, 12 Mar 2017, Viktor Keremedchiev wrote:
>>
>>> Subject: Re: [Swan] Android VPN not passing any traffic, OSX does
>>> work
>
> Android will only do sha2_256 with broken hash truncation for esp. They
> dropped sha1 support from android and don't support sha2_512, aes_gcm
> or any other working hashing solution for esp.
AES_GCM is not defined for IKEv1, so that they don't support that makes
sense. But if they are not supporting SHA1 or SHA2_512, then this is a
huge problem. Which android version dropped SHA1 ?
> https://libreswan.org/wiki/FAQ#Using_SHA2_256_for_ESP_connection_establishes_but_no_traffic_passes_.28especially_Android_6.0.29
Our FAQ is not aware that the problem has gotten worse ? It would be
good to get the information to update the entry.
Paul
More information about the Swan
mailing list