Hi, > AH = sha1
We currently do not support AH in IKEv2. > ESP = 3des, aes-cbc-128 Use a comma separated list of proposals in the esp parameter: esp=aes128-sha1,aes256-aesxcbc,aes128gcm12,3des-md5 By default, the IKEv2 daemon appends a default "catch all" proposal including all supported algorithms to the end of the list. To prevent this, use the strict proposal mode by appending a ! to the end of the list: esp=aes128-sha1,3des-md5! Regards Martin _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
