From e850fca9c39b02ac04ac4ea60ad8ead134f04444 Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Sat, 24 Apr 2021 22:34:48 -0500
Subject: [PATCH] Update IKEv2 script

- Remove MODP1024 from IKEv2 ciphers for improved security. Windows users
  will need to make a one-time registry change before connecting for the
  first time. Refer to https://git.io/ikev2.
---
 extras/ikev2setup.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/extras/ikev2setup.sh b/extras/ikev2setup.sh
index d2cf0ae..9cf8454 100755
--- a/extras/ikev2setup.sh
+++ b/extras/ikev2setup.sh
@@ -982,7 +982,7 @@ conn ikev2-cp
   ikev2=insist
   rekey=no
   pfs=no
-  ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
+  ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1
   phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes128-sha2,aes256-sha2
   ikelifetime=24h
   salifetime=24h