vpnmain.cgi: Use MODP groups with smaller key lengths by default.

author Michael Tremer <michael.tremer@ipfire.org>

Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)

committer Alexander Marx <amarx@ipfire.org>

Thu, 8 Aug 2013 05:52:06 +0000 (07:52 +0200)
author Michael Tremer <michael.tremer@ipfire.org>
Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)
committer Alexander Marx <amarx@ipfire.org>
Thu, 8 Aug 2013 05:52:06 +0000 (07:52 +0200)
diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi

index 78ae2d75d29150942b8a0cb5250ac67207041df7..2fbe48035a5fab51c64a24fbe84c5021640467b4 100644 (file)
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -1840,7 +1840,7 @@ END
         #use default advanced value
         $cgiparams{'IKE_ENCRYPTION'} = 'aes256|aes192|aes128|3des';     #[18];
         $cgiparams{'IKE_INTEGRITY'}  = 'sha2_256|sha|md5';      #[19];
-       $cgiparams{'IKE_GROUPTYPE'}  = '8192|6144|4096|3072|2048|1536|1024';            #[20];
+       $cgiparams{'IKE_GROUPTYPE'}  = '4096|3072|2048|1536|1024';              #[20];
         $cgiparams{'IKE_LIFETIME'}   = '3';             #[16];
         $cgiparams{'ESP_ENCRYPTION'} = 'aes256|aes192|aes128|3des';     #[21];
         $cgiparams{'ESP_INTEGRITY'}  = 'sha2_256|sha1|md5';     #[22];
author	Michael Tremer <michael.tremer@ipfire.org>
	Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)
committer	Alexander Marx <amarx@ipfire.org>
	Thu, 8 Aug 2013 05:52:06 +0000 (07:52 +0200)