Component: ipsec

6.7 Stable 2013-Nov-29 (12 years ago)

• added aes-gcm icv16 encryption mode;
• added aes-ctr encryption mode;
• added sha256 and sha512 support;
• proposal defaults changed to aes-128 and sha1 for both phase1 and phase2;
• fix policy bypass on IPv6 gre, ipip, eoip tunnels when policy uses protocol filter;

6.5 Stable 2013-Oct-16 (12 years ago)

• fix peer mathing with non byte aligned masks;

6.2 Stable 2013-Aug-02 (12 years ago)

• fixed peer address matching;
• fix phase1 autonegotiation on little endian platforms;

6.1 Stable 2013-Jun-12 (12 years ago)

• for peers with full IP address specified system will autostart ISAKMP SA negotiation;

6.0 Stable 2013-May-17 (12 years ago)

• added /peer passive option which will prevent starting ISAKMP negotiation and signifies xauth responder/initiator side;
• added pre-shared-key-xauth and rsa-signature-hybrid authentication methods;

5.8 Stable 2011-Nov-01 (14 years ago)

• support authorization with raw RSA keys;

5.7 Stable 2011-Sep-14 (14 years ago)

• new exchange mode (main-l2tp) for l2tp tunnel users to allow FQDN as a peer ID with preshared key authorization in main mode;
• fixed problem of RB1200 rebooting when large amount of UDP traffic is sent through IPsec;