[ previous ] [ next ] [ threads ]
 
 From:  Ian Cartwright <ian351c at cox dot net>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Add AES (Rijndael 256) to phase 1 and phase 2
 Date:  Wed, 31 Dec 2003 18:22:36 -0700
Hello all,

I use AES 256 at work for VPNs, but this choice is not available with
m0n0wall (though raccoon supports it). Included is a quick diff of
/usr/local/www/vpn_ipsec_edit.php to add AES 256 to phase 1 and phase 2
negotiation. It works great, though the VPN:IPsec table can't fit
"Rijndael 256" in the "P1 Enc. Algo" field, so it appears blank.
--- vpn_ipsec_edit.php.bak	2003-12-31 15:53:36.000000000 -0700
+++ vpn_ipsec_edit.php	2003-12-31 16:01:05.000000000 -0700
@@ -41,9 +41,10 @@
 					  		'fqdn' => 'Domain name');
 
 $p1_ealgos = array('des' => 'DES', '3des' => '3DES', 'blowfish' => 'Blowfish', 
-					'cast128' => 'CAST128');
+					'cast128' => 'CAST128', 'rijndael 256' => 'Rijndael 256');
 $p2_ealgos = array('des' => 'DES', '3des' => '3DES', 'blowfish' => 'Blowfish',
-					'cast128' => 'CAST128', 'rijndael' => 'Rijndael');
+					'cast128' => 'CAST128', 'rijndael' => 'Rijndael',
+					'rijndael 256' => 'Rijndael 256');
 $p1_halgos = array('md5' => 'MD5', 'sha1' => 'SHA1');
 $p2_halgos = array('hmac_md5' => 'MD5', 'hmac_sha1' => 'SHA1');
 $p2_protos = array('esp' => 'ESP', 'ah' => 'AH');