AES 256 doesn't work with glxsb
Enabling glxsb on Alix board (Netgate m1n1wall 2D13) prevents AES256 IPSec Phase2 connections from establishing:
Mar 27 16:31:44 racoon: ERROR: pfkey ADD failed: Invalid argument
Mar 27 16:31:44 racoon: ERROR: pfkey UPDATE failed: Invalid argument
Mar 27 16:31:44 racoon: WARNING: attribute has been modified.
Mar 27 16:31:44 racoon: [Tiffen interface for Akers]: INFO: initiate new phase 2 negotiation: my.ip.add.ress500<=>rem.ote.ip.adr500
I believe the remote side is Cisco IOS or ASA. I am running 2.0.1-RELEASE (i386). Other users have reported similar behavior: http://forum.pfsense.org/index.php?topic=47701.new
#1 Updated by Chris Buechler over 7 years ago
- Subject changed from IPSec Phase2 will not establish on Alix board with glxsb enabled to AES 256 doesn't work with glxsb
- Category set to Operating System
- Status changed from New to Feedback
- Affected Version changed from 2.0.1 to All
this is an OS issue outside our control, try with 2.1 which has a newer base OS.