securiy-policies: Enhance system policy to support elliptic curves
authorMichael Tremer <michael.tremer@ipfire.org>
Wed, 19 Jul 2017 19:56:48 +0000 (21:56 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 19 Jul 2017 19:56:48 +0000 (21:56 +0200)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
config/vpn/security-policies/system

index accf8a2..f2120a2 100644 (file)
@@ -1,7 +1,7 @@
 KEY_EXCHANGE="ikev2"
 CIPHER="AES256-GCM128 AES192-GCM128 AES128-GCM128 AES256-CBC AES192-CBC AES128-CBC"
 INTEGRITY="SHA512 SHA384 SHA256"
-GROUP_TYPE="MODP8192 MODP4096 MODP2048"
+GROUP_TYPE="MODP8192 MODP6144 MODP4096 MODP2048 ECP521 ECP384 ECP256 ECP224 ECP192 CURVE25519"
 LIFETIME="28800"
 PFS="on"
 COMPRESSION="on"