VPN fails silently if peer uses 1DES
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| network-manager-vpnc (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
I needed to connect to a Cisco VPN. I imported a pcf file, but after that the VPN failed. After testing with the vpnc commandline client it seems that the VPN concentrator is configured for 1DES and that vpnc disables that by default (which is good).
The error from vpnc
-------
vpnc: peer selected (single) DES as "encryption" method.
This algorithm is considered too weak today
If your vpn concentrator admin still insists on using DES
use the "--enable-1des" option
-------
The setting as described in the manpage.
-------
-------
After setting the option to enable single DES the VPN worked.
Then I went to the network manager settings: VPN->Advanced-
What I expect if I connect to a 1DES Cisco VPN with the default settings is:
- NetworkManager detects that the encryption method doesn't match and gives an error like "Encryption method mismatch: Local=Strong Remote=Weak, Go to advanced settings to change it" (Or a warning like "Remote VPN is configured for weak encryption: Continue or Abort?")
| Daniël van Eeden (dveeden) wrote | #1 |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in network-manager-vpnc (Ubuntu): | |
| status: | New → Confirmed |
| ariel cornejo (arielco) wrote | #3 |
| summary: |
- VPN fails if remote uses DES + VPN fails silently if peer uses 1DES |
Versions:
network-
network-manager 0.9.8.0-0ubuntu6
Ubuntu 13.04