vpnmain.cgi: Use MODP groups with smaller key lengths by default.

author Michael Tremer <michael.tremer@ipfire.org>

Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)

committer Michael Tremer <michael.tremer@ipfire.org>

Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)
author Michael Tremer <michael.tremer@ipfire.org>
Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)
committer Michael Tremer <michael.tremer@ipfire.org>
Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)
diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi

index 2e3ef9a5705c38e5a34b937e7a89b21823c61104..58645c39c2cf8a85156582b78ecd6c73ea84e6db 100644 (file)
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -1840,7 +1840,7 @@ END
         #use default advanced value
         $cgiparams{'IKE_ENCRYPTION'} = 'aes256|aes192|aes128|3des';     #[18];
         $cgiparams{'IKE_INTEGRITY'}  = 'sha2_256|sha|md5';      #[19];
-       $cgiparams{'IKE_GROUPTYPE'}  = '8192|6144|4096|3072|2048|1536|1024';            #[20];
+       $cgiparams{'IKE_GROUPTYPE'}  = '4096|3072|2048|1536|1024';              #[20];
         $cgiparams{'IKE_LIFETIME'}   = '3';             #[16];
         $cgiparams{'ESP_ENCRYPTION'} = 'aes256|aes192|aes128|3des';     #[21];
         $cgiparams{'ESP_INTEGRITY'}  = 'sha2_256|sha1|md5';     #[22];
author	Michael Tremer <michael.tremer@ipfire.org>
	Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)