* Sebastian Andrzej Siewior <firstname.lastname@example.org> [2011-08-08 22:46:38+0200]:
> * Thus spake Alexander Clouter (email@example.com):
> > I have just been tasked with putting together an active-active IPsec VPN
> > concentrator (with a need to use AES-SHA1 it seems) and I was hoping to
> > use the OpenRD's (and mv_cesa). Have you got a patch I can test that
> > fixes things for SHA1?
> The patch below should work around the problem by not using it.
I'll have you know I passed with honours from the "Computing School of
Commenting Out" and as such do not require such assistance as this
> You could try the kernel from backports. If I remember correctly than
> it seems that the later kernel passes one big chunk instead of three
> requests (init, update, fin). If that works out for then the only
> problem are fragmanted packets.
Do not tinkering with the 'mode' bit at 0xdd18 help (as suggested
by Arnaud)? I'm happy to be the guinea pig here.
I'll install the backports one anyway for testing and let you know.
 page 458 of
 you might also be interested in
.sigmonster says: Knocked, you weren't in.
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org