Public bug reported: Hello,
while deploying VPNaaS we discovered that when using the newly supported AEAD ciphers like GCM with Libreswan the rendered ipsec.conf is broken. The internal enums are rendered into the config instead of the actual config values for the specific ciphers. As a result the VPN connection cannot be loaded as the values for ike= and phase2alg= are wrong. [1] added a dialect map for strongswan, but not for libreswan. [1] https://review.opendev.org/c/openstack/neutron-vpnaas/+/898830 Best regards Maximilian Sesterhenn ** Affects: neutron Importance: Undecided Status: New ** Tags: vpnaas -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/2127159 Title: Libreswan config broken when used with new AEAD ciphers Status in neutron: New Bug description: Hello, while deploying VPNaaS we discovered that when using the newly supported AEAD ciphers like GCM with Libreswan the rendered ipsec.conf is broken. The internal enums are rendered into the config instead of the actual config values for the specific ciphers. As a result the VPN connection cannot be loaded as the values for ike= and phase2alg= are wrong. [1] added a dialect map for strongswan, but not for libreswan. [1] https://review.opendev.org/c/openstack/neutron-vpnaas/+/898830 Best regards Maximilian Sesterhenn To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/2127159/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
