Date: Mon, 22 Mar 2004 08:21:35 +0100 (MET) From: Helge Oldach <helge.oldach@atosorigin.com> To: Holger.Eitzenberger@t-online.de (Holger Eitzenberger) Cc: freebsd-net@freebsd.org Subject: Re: IPsec: problems after upgrade 4.8 to 4.9 Message-ID: <200403220721.IAA27512@galaxy.hbg.de.ao-srv.com> In-Reply-To: <20040319230638.A25674@eitzenberger.name> from Holger Eitzenberger at "Mar 19, 2004 11: 6:38 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Holger Eitzenberger:
> (*) ERROR: ipsec_doi.c:440:print_ph1mismatched(): rejected dh_group:
>DB(prop#1:trns#1):Peer(prop#0:trns#0) = 1024-bit MODP group:1536-bit MODP
>group
> proposal {
> encryption_algorithm 3des;
> hash_algorithm md5;
> authentication_method rsasig;
> dh_group 2;
Try changing the last line to
> dh_group 5;
or more verbosely to
> dh_group modp1536;
Helge
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200403220721.IAA27512>