Phase 1 Proposal algorythms (2.3) => Why only 1 proposal ?

IPsec
Log in to reply
  • V

    Hi

    While trying to setup a roadwarriog connection for my mobile devices I came across an annoying issue:

    • IOS9 supports only dh group 14 (modp2048) by default
    • Windows 10 supports only dh group 2 (modp1024) by default
      It's very difficult to change the default Policy on any one of those two OS. So I Wonder why the pfsense approach is to propose only one algorythm in the phase 1 negociation.

    Would it be possible to have several groups or even not specify any. I'm willing to try and modify somethings it's just that not being a developper I don't know where to start… any ideas ?

    Regards,
    Vincent.

    0
  • C

    There's a feature request open to make that more like the P2 screen, where you can select more options. It's that way because in the past, that was the only valid way to configure the underlying keying daemon. That hasn't been true more recently though.

    0
  • V

    Thanks.

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy