How to detect a phase1 and phase2 Algorithms

[duythien]

Hello,

I have use Ubuntu 16.04 to connect a VPN, firstly I connect a VPN server with the information below

L2TP over IPsec VPN Server:
===========================
IP-Address: 188.226.xxx.xxx
Username: vpnuser
Password: hFVSabf2Q48bL35YWHnhnHC0
IPsec PSK: 6wJWxgjeE7YcnmMV3VtaKw73

It work fine even I do not add phase1 and phase2 Algorithms, but for this VPN server below

Server IP: 35.160.225.xx
IPsec PSK: Kwdrfv5we5A
Username: vpnuser
Password: K0Q8DNVNMcNs2mJDUXYlxmhLvY4vqXXX

It will be not work, I guess because algorithms so that how to push phase1 and phas2 for image below

And I have try to a script ika-scan but I don't know how to get it

lsudo ./ike-scan.sh 125.xxx.xxx.xxx |  grep SA     
SA=(Enc=3DES Hash=MD5 Auth=PSK Group=1:modp768 LifeType=Seconds LifeDuration(4)=0x00007080)  
 SA=(Enc=3DES Hash=MD5 Auth=PSK Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)  
 SA=(Enc=3DES Hash=MD5 Auth=PSK Group=5:modp1536 LifeType=Seconds LifeDuration(4)=0x00007080) 
SA=(Enc=3DES Hash=MD5 Auth=PSK Group=14:modp2048 LifeType=Seconds LifeDuration(4)=0x00007080) 125.100.175.171 

 Notify message 14 (NO-PROPOSAL-CHOSEN) 
SA=(Enc=3DES Hash=SHA1 Auth=PSK Group=1:modp768 LifeType=Seconds LifeDuration(4)=0x00007080)

Could you help me how to get it

    Phase1 Algorithms: ?
    Phase2 Algorithms: ?

[dkosovic]

looks like it is using 3DES with a MD5 hash of various sizes, so would be :

• Phase1 Algorithms: 3des-md5-modp2048,3des-md5-modp1536,3des-md5-modp1024
• Phase2 Algorithms: 3des-md5

If you still have IPsec issues, you could remove the Phase1 & Phase 2 Algorithms values and try libreswan instead of strongswan, e.g:

sudo apt install libreswan

The above command will remove strongswan.

[duythien]

Thanks. I will test it tomorrow on my company

[dkosovic]

haven't heard back for over 5 weeks, so assume it is okay now.

If you are still having issues, reply when ready and I'll reopen it.