Subject: Re: IPsec and key length
To: Secret Asian Man <cchen@nougat.org>
From: Jun-ichiro itojun Hagino <itojun@iijlab.net>
List: current-users
Date: 06/13/2000 12:16:23
>A bigger question of mine stems from trying to make my box dance
>the happy dance with a cisco switch using pre-shared keys. The keys
>on the router are 32-characters in length, but setkey barfs on
>anything larger than eight keys; I'm quite confused since
>they both say they're using des-cbc.

	if cisco document mentions "pre-shared key", that is for use with
	IKE (ipsec key negotiation protocol).  you need to bring in
	pkgsrc/security/racoon.

	setkey is for "manual keys" (<-> automatic negotiation by IKE).

itojun