OpenBSD 5.5 ISAKMPD

Motty Cruz Fri, 16 Jan 2015 12:28:02 -0800

Hello All,

I'm trying to setup IPSec Tunnel using the following parameters.
Phase 1
exchange encryption: AES256
Data Integrity: SHA256
DH: group 20
Agressive Mode


phase 2
encryption: AESGCM256
HASH: SHA384

I can't find examples to configure isakmpd.conf using parameters above.

[fw2-main-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          ID_PROT
Transforms=             AES256-SHA2-GRP20

[fw2-quick-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          QUICK_MODE
Suites=                 QM-ESP-AESGCM-SHA2-SUITE

[QM-ESP-AESGCM-256-SHA2-SUITE]
TRANSFORM_ID=                           AESGCM
ENCAPSULATION_MODE=             TUNNEL
AUTHENTICATION_ALGORITHM=   HMAC_SHA2
GROUP_DESCRIPTION=              EC_384
Life=                           LIFE_3600_SECS

using this configuration I get the following error:
isakmpd[30247]: exchange_run: doi->initiato

Thanks in advance,
-Motty

OpenBSD 5.5 ISAKMPD

Reply via email to