IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compat

To:	netdev@xxxxxxxxxxx, usagi-users@xxxxxxxxxxxxxx
Subject:	IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods
From:	"Dr. Peter Bieringer" <pb@xxxxxxxxxxxx>
Date:	Thu, 05 Jun 2003 15:07:36 +0200
Sender:	netdev-bounce@xxxxxxxxxxx

To:

netdev@xxxxxxxxxxx, usagi-users@xxxxxxxxxxxxxx

Subject:

IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods

From:

"Dr. Peter Bieringer" <pb@xxxxxxxxxxxx>

Date:

Thu, 05 Jun 2003 15:07:36 +0200

Sender:

netdev-bounce@xxxxxxxxxxx

Hi again,

because I got no success, I've tried different encryption methods than 3DES. And *suddenly* it began to work.

One side  : 2.5.70-bk9
Other side: FreeS/WAN 1.99 with algopatches 0.8.1rc2

Result:

AES
---
AES-128: working

AES-192: not working
AES-256: not working

FreeS/WAN: 112 "freeswan-racoon-tunnel" #14: STATE_QUICK_I1: initiate 003 "freeswan-racoon-tunnel" #14: ESP transform ESP_AES passed key_len=32 > 16 032 "freeswan-racoon-tunnel" #14: STATE_QUICK_I1: internal error


3DES
----
Not working, no message


Blowfish
--------
blowfish-128: working

Other key lengths: not working NO_PROPOSAL_CHOSEN


Other algorithms: not tested at the moment

I'm very wondering why 3DES is incompatible in IPsec-SA modus, while working in IKE.

Can someone confirm and/or extend this compatibility test?

TIA,
        Peter
--
Dr. Peter Bieringer                     http://www.bieringer.de/pb/
GPG/PGP Key 0x958F422D               mailto: pb at bieringer dot de
Deep Space 6 Co-Founder and Core Member  http://www.deepspace6.net/

<Prev in Thread]	Current Thread	[Next in Thread>
IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods, Dr. Peter Bieringer <= Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods, James Morris Re: (usagi-users 02412) IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2, Dr. Peter Bieringer Re: (usagi-users 02412) IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2, James Morris IPsec 2.5.70-bk9 and Check Point VPN-1 NG FP4 RC, Dr. Peter Bieringer Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods, David S. Miller Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods, Peter Bieringer

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: [patch]: ipv6 tunnel for MIPv6, Ville Nuorvala
Next by Date:	Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods, James Morris
Previous by Thread:	Bug in ipv6 ipsec in handling of packets with extension headers, Henrik Petander
Next by Thread:	Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods, James Morris
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: [patch]: ipv6 tunnel for MIPv6, Ville Nuorvala

Next by Date:

Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods, James Morris

Previous by Thread:

Bug in ipv6 ipsec in handling of packets with extension headers, Henrik Petander

Next by Thread:

Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods, James Morris

Indexes:

[Date] [Thread] [Top] [All Lists]