On 2019-07-04, Daniel Polak <dan...@sys.nl> wrote: > Just tried to configure an IKEv1 VPN connection with AESGCM but isakmpd > only supports that in phase 2 but not in phase 1. > See https://marc.info/?l=openbsd-cvs&m=128516335103833&w=2 for the commit. > > Is there any special reason why AESGCM has not been implemented for > phase 1 as well?
AFAIK AES-GCM isn't in the spec for IKEv1 phase 1. See e.g. https://tools.ietf.org/html/rfc4543#section-5.1