ike: Add an additional but separate AEAD proposal to IKE config, if supported
[strongswan.git] / src / libcharon / plugins / ha / ha_tunnel.c
index 74147e5..5336900 100644 (file)
@@ -207,6 +207,7 @@ static void setup_tunnel(private_ha_tunnel_t *this,
                                                         charon->socket->get_port(charon->socket, FALSE),
                                                         remote, IKEV2_UDP_PORT, FRAGMENTATION_NO, 0);
        ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+       ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
        peer_cfg = peer_cfg_create("ha", ike_cfg, CERT_NEVER_SEND,
                                                UNIQUE_KEEP, 0, 86400, 0, 7200, 3600, FALSE, FALSE,
                                                TRUE, 30, 0, FALSE, NULL, NULL);