Page MenuHomeVyOS Platform

Update strongSwan cipher suites list for IPSec settings
In progress, LowPublicFEATURE REQUEST

Description

The current list of cipher suites in VyOS is outdated and many suites that are supported by strongSwan are not available via CLI. We should add them.
Lists of suites supported by strongSwan:
https://wiki.strongswan.org/projects/strongswan/wiki/IKEv1CipherSuites
https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

zsdc created this task.Feb 18 2020, 10:58 AM
pasik added a subscriber: pasik.Feb 19 2020, 4:32 PM
zsdc changed the task status from Open to In progress.Mar 11 2020, 2:11 PM
zsdc moved this task from Need Triage to In Progress on the VyOS 1.3 Equuleus board.
syncer renamed this task from Actualize strongSwan cipher suites list for IPSec settings to Update strongSwan cipher suites list for IPSec settings.Mar 11 2020, 2:12 PM
syncer triaged this task as Low priority.
syncer updated the task description. (Show Details)