Support for specifying aes key sizes was added february 2008, thus 4.2 does not provide this.
On Wed, Nov 12, 2008 at 03:17:17PM +0000, Joe Warren-Meeks wrote: > On Wed, Nov 12, 2008 at 02:35:35PM +0100, Claer wrote: > > Hey there, > > OK, so I've switched to ipsec.conf and it is alot easier! > > However, I'm still struggling to use aes 256. > > I have the following: > > ike esp from 195.24.xxx.x/25 to 62.232.yyy.y/27 \ > local 195.24.aaa.aa peer 62.232.bbb.bbb \ > main auth hmac-sha1 enc aes group modp1024 \ > quick auth hmac-sha1 enc aes psk sudomakemeagoat > > This uses aes128. Is there any way to get aes256 working? Note: I'm on > 4.2, was 256 support added later? If not, is there any way I could > enable 256 on 4.2? > > -- joe. > > I can't believe Alan Davies would do that. I absolutely love him!
