Hello, i found a bug. After i upgrade my IPFire to Core 90 im not able to connect to a Cisco ASA via IPSec IKEv1. After a few tests a found a bug in the configuration file. It was not written correctly. /var/ipfire/vpn/ipsec.conf Core90: ike=3des-sha-modp1024 esp=3des-sha1 and before (functional): ike=3des-sha-modp1024 esp=3des-sha1-modp1024 After i add the modp1024 to this configuration file i was able to connect to the ipsec gateway.
*** Bug 10868 has been marked as a duplicate of this bug. ***
Could you guys please test this patch? http://patchwork.ipfire.org/patch/9/
Tested the patch in my ipfire VM: esp=aes256-sha2_256 would change to esp=aes256-sha2_256-modp6144,aes256-sha2_256-modp4096,aes256-sha2_256-modp3072 (obviously, modp 3072, 4096 and 6144 where chosen as DH group)
Thanks for testing. I will take this as an ACK then.
I merged this patch last week although I would have loved more feedback.
I tested the patch today and all worked well. Thanks Michael
Same here, all working fine! Thank you!
Thank you guys. The fix will be released with Core Update 92 then.
*** Bug 10898 has been marked as a duplicate of this bug. ***