define explicit IKEv1 key exchange mode

2025-10-05 00:00:45 -04:00 · 2010-10-07 07:31:44 +02:00 · 2010-10-07 07:31:44 +02:00 · 84babfb895
commit 84babfb895
parent 9b201cf859
61 changed files with 61 additions and 1 deletions
--- a/testing/hosts/alice/etc/ipsec.conf
+++ b/testing/hosts/alice/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 		
 conn nat-t
 	left=%defaultroute
--- a/testing/hosts/bob/etc/ipsec.conf
+++ b/testing/hosts/bob/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn nat-t
 	left=%defaultroute
--- a/testing/hosts/carol/etc/ipsec.conf
+++ b/testing/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn home
 	left=PH_IP_CAROL
--- a/testing/hosts/dave/etc/ipsec.conf
+++ b/testing/hosts/dave/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn home
 	left=PH_IP_DAVE
--- a/testing/hosts/moon/etc/ipsec.conf
+++ b/testing/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_MOON
 	leftcert=moonCert.pem
 	leftid=@moon.strongswan.org
--- a/testing/hosts/sun/etc/ipsec.conf
+++ b/testing/hosts/sun/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_SUN
 	leftcert=sunCert.pem
 	leftid=@sun.strongswan.org
--- a/testing/hosts/venus/etc/ipsec.conf
+++ b/testing/hosts/venus/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn nat-t
 	left=%defaultroute
--- a/testing/tests/gcrypt-ikev1/alg-camellia/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/gcrypt-ikev1/alg-camellia/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=camellia128-sha256-modp2048!
 	esp=camellia128-sha256!

--- a/testing/tests/gcrypt-ikev1/alg-camellia/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/gcrypt-ikev1/alg-camellia/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=camellia128-sha256-modp2048!
 	esp=camellia128-sha256!

--- a/testing/tests/gcrypt-ikev1/alg-serpent/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/gcrypt-ikev1/alg-serpent/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=serpent256-sha2_512-modp4096!
 	esp=serpent256-sha2_512!

--- a/testing/tests/gcrypt-ikev1/alg-serpent/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/gcrypt-ikev1/alg-serpent/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=serpent256-sha2_512-modp4096!
 	esp=serpent256-sha2_512!

--- a/testing/tests/gcrypt-ikev1/alg-twofish/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/gcrypt-ikev1/alg-twofish/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=twofish256-sha2_512-modp4096!
 	esp=twofish256-sha2_512!

--- a/testing/tests/gcrypt-ikev1/alg-twofish/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/gcrypt-ikev1/alg-twofish/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=twofish256-sha2_512-modp4096!
 	esp=twofish256-sha2_512!

--- a/testing/tests/ike/rw-cert/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/ike/rw-cert/hosts/dave/etc/ipsec.conf
@ -9,6 +9,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev2

 conn home
 	left=PH_IP_DAVE
@ -17,5 +18,4 @@ conn home
 	right=PH_IP_MOON
 	rightid=@moon.strongswan.org
 	rightsubnet=10.1.0.0/16
-	keyexchange=ikev2
 	auto=add
--- a/testing/tests/ike/rw-cert/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ike/rw-cert/hosts/moon/etc/ipsec.conf
@ -9,6 +9,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1 

 conn rw
 	left=PH_IP_MOON
--- a/testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn home
 	left=PH_IP_CAROL
--- a/testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn rw
 	left=PH_IP_MOON
--- a/testing/tests/ikev1/alg-blowfish/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-blowfish/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=blowfish256-sha2_512-modp4096!
 	esp=blowfish256-sha2_512!

--- a/testing/tests/ikev1/alg-blowfish/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-blowfish/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=blowfish256-sha2_512-modp4096!
 	esp=blowfish256-sha2_512!

--- a/testing/tests/ikev1/alg-sha256-96/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha256-96/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=aes128-sha256-modp2048!
 	esp=aes128-sha256_96!

--- a/testing/tests/ikev1/alg-sha256-96/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha256-96/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=aes128-sha256-modp2048!
 	esp=aes128-sha256_96!

--- a/testing/tests/ikev1/alg-sha256/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha256/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=aes128-sha256-modp2048!
 	esp=aes128-sha256!

--- a/testing/tests/ikev1/alg-sha256/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha256/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=aes128-sha256-modp2048!
 	esp=aes128-sha256!

--- a/testing/tests/ikev1/alg-sha384/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha384/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=aes192-sha384-modp3072!
 	esp=aes192-sha384!

--- a/testing/tests/ikev1/alg-sha384/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha384/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=aes192-sha384-modp3072!
 	esp=aes192-sha384!

--- a/testing/tests/ikev1/alg-sha512/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha512/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=aes256-sha512-modp4096!
 	esp=aes256-sha512!

--- a/testing/tests/ikev1/alg-sha512/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha512/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=aes256-sha512-modp4096!
 	esp=aes256-sha512!

--- a/testing/tests/ikev1/attr-cert/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/attr-cert/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_CAROL
 	leftcert=carolCert.pem
 	leftid=carol@strongswan.org
--- a/testing/tests/ikev1/attr-cert/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/ikev1/attr-cert/hosts/dave/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_DAVE
 	leftcert=daveCert.pem
 	leftid=dave@strongswan.org
--- a/testing/tests/ikev1/attr-cert/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/attr-cert/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1l
 	left=PH_IP_MOON
 	leftcert=moonCert.pem
 	leftid=@moon.strongswan.org
--- a/testing/tests/ikev1/compress/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/compress/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	compress=yes

 conn home
--- a/testing/tests/ikev1/compress/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/compress/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	compress=yes

 conn rw
--- a/testing/tests/ikev1/crl-from-cache/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/crl-from-cache/hosts/carol/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_CAROL
 	leftcert=carolCert.pem
 	leftid=carol@strongswan.org
--- a/testing/tests/ikev1/crl-from-cache/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/crl-from-cache/hosts/moon/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_MOON
 	leftcert=moonCert.pem
 	leftid=@moon.strongswan.org
--- a/testing/tests/ikev1/crl-ldap/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/crl-ldap/hosts/carol/etc/ipsec.conf
@ -17,6 +17,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=2
+	keyexchange=ikev1

 conn home
 	left=PH_IP_CAROL
--- a/testing/tests/ikev1/crl-ldap/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/crl-ldap/hosts/moon/etc/ipsec.conf
@ -17,6 +17,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=2
+	keyexchange=ikev1
 	left=PH_IP_MOON
 	leftcert=moonCert.pem
 	leftid=@moon.strongswan.org
--- a/testing/tests/ikev1/crl-revoked/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/crl-revoked/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_CAROL
 	leftcert=carolRevokedCert.pem
 	leftid=carol@strongswan.org
--- a/testing/tests/ikev1/crl-revoked/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/crl-revoked/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_MOON
 	leftcert=moonCert.pem
 	leftid=@moon.strongswan.org
--- a/testing/tests/ikev1/crl-strict/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/crl-strict/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_CAROL
 	leftcert=carolCert.pem
 	leftid=carol@strongswan.org
--- a/testing/tests/ikev1/crl-strict/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/crl-strict/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_MOON
 	leftcert=moonCert.pem
 	leftid=@moon.strongswan.org
--- a/testing/tests/ikev1/crl-to-cache/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/crl-to-cache/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_CAROL
 	leftcert=carolCert.pem
 	leftid=carol@strongswan.org
--- a/testing/tests/ikev1/crl-to-cache/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/crl-to-cache/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=PH_IP_MOON
 	leftcert=moonCert.pem
 	leftid=@moon.strongswan.org
--- a/testing/tests/ikev1/default-keys/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/default-keys/hosts/carol/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn home
 	left=PH_IP_CAROL
--- a/testing/tests/ikev1/default-keys/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/default-keys/hosts/moon/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn carol
 	left=PH_IP_MOON
--- a/testing/tests/ikev1/double-nat-net/hosts/alice/etc/ipsec.conf
+++ b/testing/tests/ikev1/double-nat-net/hosts/alice/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 		
 conn nat-t
 	left=%defaultroute
--- a/testing/tests/ikev1/double-nat-net/hosts/bob/etc/ipsec.conf
+++ b/testing/tests/ikev1/double-nat-net/hosts/bob/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn nat-t
 	left=%defaultroute
--- a/testing/tests/ikev1/double-nat/hosts/alice/etc/ipsec.conf
+++ b/testing/tests/ikev1/double-nat/hosts/alice/etc/ipsec.conf
@ -12,6 +12,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 		
 conn nat-t
 	left=%defaultroute
--- a/testing/tests/ikev1/dpd-clear/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/dpd-clear/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	dpdaction=clear
 	dpddelay=10
 	dpdtimeout=30
--- a/testing/tests/ikev1/dpd-restart/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/dpd-restart/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn moon 
 	left=%defaultroute
--- a/testing/tests/ikev1/dpd-restart/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/dpd-restart/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
        dpdaction=restart
        dpddelay=5
        dpdtimeout=25
--- a/testing/tests/ikev1/dynamic-initiator/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/dynamic-initiator/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn moon 
 	left=%defaultroute
--- a/testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn moon 
 	left=%defaultroute
--- a/testing/tests/ikev1/dynamic-initiator/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/dynamic-initiator/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=%defaultroute
 	leftnexthop=%direct
 	leftsubnet=10.1.0.0/16
--- a/testing/tests/ikev1/dynamic-responder/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/dynamic-responder/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn moon 
 	left=%defaultroute
--- a/testing/tests/ikev1/dynamic-responder/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/ikev1/dynamic-responder/hosts/dave/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn moon 
 	left=%defaultroute
--- a/testing/tests/ikev1/dynamic-responder/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/dynamic-responder/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=%defaultroute
 	leftnexthop=%direct
 	leftsubnet=10.1.0.0/16
--- a/testing/tests/ikev1/dynamic-two-peers/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/dynamic-two-peers/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn moon 
 	left=%defaultroute
--- a/testing/tests/ikev1/dynamic-two-peers/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/ikev1/dynamic-two-peers/hosts/dave/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1

 conn moon
 	left=%defaultroute
--- a/testing/tests/ikev1/dynamic-two-peers/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/dynamic-two-peers/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	left=%defaultroute
 	leftnexthop=%direct
 	leftsubnet=10.1.0.0/16
--- a/testing/tests/openssl-ikev1/alg-camellia/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/openssl-ikev1/alg-camellia/hosts/carol/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=camellia192-sha384-modp3072!
 	esp=camellia192-sha384!

--- a/testing/tests/openssl-ikev1/alg-camellia/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/openssl-ikev1/alg-camellia/hosts/moon/etc/ipsec.conf
@ -11,6 +11,7 @@ conn %default
 	keylife=20m
 	rekeymargin=3m
 	keyingtries=1
+	keyexchange=ikev1
 	ike=camellia192-sha384-modp3072!
 	esp=camellia192-sha384!