Displaying 5 results from an estimated 5 matches for "nonce_size".
Did you mean:
node_size
2004 Sep 24
2
strange behavior of ipsec tunnel mode
...ifier on;
certificate_type x509 "mad.public" "mad.private";
peers_certfile x509 "laptop.public";
send_cert on;
send_cr on;
verify_cert on;
lifetime time 300 sec;
passive off;
proposal_check strict;
nonce_size 256;
proposal {
encryption_algorithm blowfish 448;
hash_algorithm sha1 512;
authentication_method rsasig;
dh_group modp4096;
lifetime time 300 sec;
}
}
sainfo anonymous {
pfs_group modp4096;...
2003 Aug 07
1
IPSec delays
...f. I've watched the racoon logs, and it doesn't give me any errors, or failed negotiations. Any ideas?
path pre_shared_key "/usr/local/etc/racoon/psk.txt";
remote anonymous
{
exchange_mode aggressive;
doi ipsec_doi;
situation identity_only;
\
nonce_size 256;
lifetime time 30 min; # sec,min,hour
initial_contact on;
support_mip6 off;
proposal_check obey; # obey, strict or claim
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method...
2005 Dec 07
1
racoon with freebsd-4.11 crashes
...168.190.43 [500];
}
timer {
counter 5;
interval 20 sec;
persend 1;
phase1 30 sec;
phase2 15 sec;
}
remote 192.168.190.43 {
exchange_mode main;
doi ipsec_doi;
situation identity_only;
my_identifier address 192.168.190.44;
peers_identifier address 192.168.190.43;
lifetime time 24 hour;
nonce_size 16;
initial_contact on;
proposal_check obey;
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group 1;
}
}
sainfo address 192.168.190.44 any address
192.168.190.43 any
{
pfs_group 1;
lifetime time 2 hour;
encryption_algorithm 3des;...
2004 Jan 08
1
Windows 2000 <-> FreeBSD IPsec problem
...persend 1; # the number of packets per a send.
# timer for waiting to complete each phase.
phase1 15 sec;
phase2 30 sec;
}
remote anonymous
{
#exchange_mode aggressive,main;
doi ipsec_doi;
exchange_mode main,aggressive;
nonce_size 32;
situation identity_only;
lifetime time 1 min; # sec,min,hour
initial_contact on;
support_mip6 on;
passive on;
proposal_check claim; # obey, strict or claim
proposal {
encryption_algorithm 3des;
hash_al...
2004 Jul 26
1
Cisco IOS and racoon
...ng to complete each phase.
phase1 30 sec;
phase2 15 sec;
}
remote anonymous
{
#exchange_mode main,aggressive;
exchange_mode main,base,aggressive;
doi ipsec_doi;
#situation identity_only;
my_identifier user_fqdn "bbedevil";
peers_identifier user_fqdn "bbeameliarouter";
nonce_size 16;
lifetime time 10000 sec;
initial_contact on;
support_mip6 on;
proposal_check obey;
proposal {
encryption_algorithm 3des;
hash_algorithm md5;
authentication_method pre_shared_key ;
dh_group 2 ;
}
}
sainfo anonymous
{
pfs_group 2;
lifetime time 10000 sec;
encryption_algorithm 3d...