Project

General

Profile

Actions

Bug #6967

closed

DH Groups 22, 23, 24 missing from Phase 2 selection GUI

Added by Sec Sec almost 5 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
IPsec
Target version:
Start date:
11/28/2016
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.3.2
Affected Architecture:

Description

When configuring IPSec you can select DH Groups 22-24 for Phase 1, but for Phase 2 they are missing from the GUI.

I got the following answer about this from support:
For cli you may change /var/etc/ipsec/ipsec.conf in ESP section, e.g. esp = aes128-sha1-modp2048s256!
But it will work only if you will not change ipsec settings via gui and will not reboot device

which to me suggests that the PFSense should be able to handle them just fine if they were added to the GUI

Actions

Also available in: Atom PDF