News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  VPN
linktree Topic: IPSEC ESP: 3des key size/manual specification in racoon.conf?
Pages: [1]
Topic: IPSEC ESP: 3des key size/manual specification in racoon.conf?  (Read 2270 times)
« on: April 16, 2007, 05:32:48 »
airzonk *
Posts: 8
Hello,

I am using Blowfish with my current IPSEC tunnel without a problem.  However, I was wondering if I could manually specify the 3DES key size by editing racoon.conf manually to match that of my business partner, as they prefer 3DES.  That appears to be the problem with getting 3DES to work, this is not specifiable in the Web GUI.

for example, could I in racoon.conf:
could I set this:

encryption_algorithm 3des;

and specify a key size afterward, upload it, and would it work?

Thanks,
Gabe
« Reply #1 on: April 18, 2007, 02:39:44 »
darklogic *
Posts: 45
If you are asking if you can change the key size from the web GUI for 3DES you can set it to 1, 2, or 5. I would recomend using blowfish over 3DES it is faster and more secure. Documentation on this is everywhere on the net.
« Reply #2 on: April 18, 2007, 04:34:32 »
cmb *****
Posts: 851
If you manually overwrite your racoon.conf you will lose it at next boot.

The encryption_algorithm line is what it is, you can't specify key size there. I'm not sure exactly what you want to change.

Personally I would leave it with Blowfish. Unless your partner has a hardware crypto accelerator, it'll be faster for them as well.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines