FAQ
Jump to navigation
Jump to search
FAQ
( we will sort this in categories once we have more )
Which IKE Exchange modes does libreswan support?
The IANA Registry lists all official Exchange Modes. There are a few IKEv1 Modes that are very common despite never gotten past the draft stage.
Supported:
- IKEv2 (PSK, raw RSA, X509)
- IKEv1 Main Mode (PSK, raw RSA, X509)
- IKEv1 Aggressive Mode (PSK, raw RSA, X509)
- IKEv1 XAUTH/RSA and XAUTH/PSK with ModeConfig (aka "Cisco IPsec mode")
Not supported
- IKEv2 CP mode (planned, not yet implemented)
- IKEv1 Revised Mode
- IKEv1 Hybrid Mode (aka "Mutual Group Authentication") although there is some unmaintained contributed code
Module unloading error on shutdown or restart: Module esp4 is in use
ERROR: Module xfrm4_mode_tunnel is in use ERROR: Module esp4 is in use FAILURE to unload NETKEY esp4/esp6 module
This has been fixed in libreswan-3.9. Please upgrade