tech-net: Re: ipsec-tools & AES

Subject: Re: ipsec-tools & AES
To: None <tech-net@netbsd.org>
From: Jarkko Teppo <jht380@luukku.com>
List: tech-net
Date: 12/14/2004 10:12:06

On Tue, Nov 30, 2004 at 09:06:33AM +0200, Jarkko Teppo wrote:
> 
(moved to tech-net...)

Hi, 

I can't get ipsec-tools to accept AES at all.

I've tested this shortly on 2.0_RC1 and the built-in racoon from
KAME accepts AES just fine but when I tried racoon from 
security/ipsec-tools I got this:

> 
> 2004-11-30 09:05:13: DEBUG: reading config file /usr/pkg/etc/racoon/racoon.conf
> 2004-11-30 09:05:13: DEBUG: hmac(modp1024)
> 2004-11-30 09:05:13: ERROR: Invalid transform id: 12
> 2004-11-30 09:05:13: ERROR: /usr/pkg/etc/racoon/racoon.conf:38: "," algorithm AES not supported by the kernel (missing module?)
> 2004-11-30 09:05:13: ERROR: fatal parse failure (1 errors)
> racoon: failed to parse configuration file.
> 

I get the same thing with the latest ipsec-tools snapshot.

Any ideas ?

Thanks,
-- 
jht