Looks like Netscreen has a similar issue, but it's documented. One must use the "pre-g2-des-md5" proposal to talk to version 1.6 of their software. 2.x accepts 3des. Earlier versions of the IPSEC standards required single-DES at a minimum, so it's not surprising that holdovers of this sort exist in any product. Would it be worth collecting a public list of "IKE to watch out for"? _H*
- Re: single-DES phase 1 *Hobbit*
- Re: single-DES phase 1 Jose Nazario
- Re: single-DES phase 1 Anton Rager
- Re: single-DES phase 1 Rukshin, David
