Displaying 1 result from an estimated 1 matches for "randomize_length".
2004 Sep 24
2
strange behavior of ipsec tunnel mode
...096;
lifetime time 300 sec;
}
}
sainfo anonymous {
pfs_group modp4096;
lifetime time 300 sec;
encryption_algorithm rijndael 256;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}
padding {
randomize on;
randomize_length on;
strict_check on;
}
script for setting up policy:
#!/usr/bin/setkey -f
flush;
spdflush;
spdadd 192.168.2.10/32 192.168.2.11/32 any -P out ipsec
esp/tunnel/192.168.2.10-192.168.2.11/require
ah/tunnel/192.168.2.10-192.168.2.11/require;
spdadd 192.168.2.11/32 1...