Hi Neale/Benoit, I know we must not talk about DES and MD5 these days as they are insecure and must not be configured. My QA has raised an issue that DES is not working. I have myself not tested it as the customers would never configure it.
The QA says the "show ipsec sa" command does not show anything if DES is configured. Also the show node counters had this counter incremented for DES. "4 ipsec4-tun-input no matching tunnel" Not sure if I am missing something. NOTE: ====== 1) We don't use the vpp ikev2 plugin. We have our own IKE stack that programs the VPP with IPSEC SA. Basically our application receives the SA and calls the ipsec_sa_add_and_lock() API to install the SA. 2) We have tested AES128, ASE256, 3DES and they were working fine. The code to receive keys from IKE stack and program the vnet/ipsec is the same. Regards, Vijay Kumar N.
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#21467): https://lists.fd.io/g/vpp-dev/message/21467 Mute This Topic: https://lists.fd.io/mt/91352430/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-