Mike Belopuhov <[email protected]> wrote: > note that it defaults to AESGCM-256 (i did it this way because > linux picks largest key).
I don't understand that rationale. A side effect of this is that you now get different key sizes if you specify "aes-gcm" in a manual SA (128) or an IKE rule (256). -- Christian "naddy" Weisgerber [email protected]
