[strongSwan-dev] Strongswan IKEv2 question
Shu Wang
shuwang2006 at gmail.com
Tue Apr 24 01:07:32 CEST 2012
Hi,
I have a few questions related to IKEv2 implementation:
1. Can you help to explain how the IDi value is passed to Ike_auth.c's
build_i function?
2. During Ipsec negotiation, if there is no IPSec SA assigned, will
the IKE tunnel removed in this case?
3. Doe current implementation support both IPv4 and IPv6 address (dual address)?
Thank you,
Shu
On Mon, Apr 16, 2012 at 4:39 PM, Shu Wang <shuwang2006 at gmail.com> wrote:
>
> Hi,
>
> I have one question about IKEv2 AUTH_REQ message. Does it support to
> set a handover flag (e.g. specifying it is either Initial or handover
> type)?
>
> Thanks,
> Shu
>
> On 4/13/12, Tobias Brunner <tobias at strongswan.org> wrote:
> > Hi Shu,
> >
> >> Does anyone have the experience of porting Strangswan to higher
> >> Android version (e.g. Android 4.0 -- Ice Cream Sandwich)?
> >
> > With 4.6.2 it works as described on the wiki for Froyo, the only
> > difference is that you have to add the strongSwan executables to be
> > installed on the final system to PRODUCT_PACKAGES in
> > build/target/product/core.mk. Also, since 4.6 the IKEv1 daemon Pluto
> > and Starter are supported on Android, so the configuration can also be
> > provided with ipsec.conf instead of the GUI patches or a custom plugin.
> > Make sure you have a look at the top-level Android.mk, which has some
> > config options to enable the daemons and plugins etc.
> >
> >> And Android patches for Froyo still work for Android higher versions?
> >
> > Probably not. The frontend patches are very specific and with ICS the
> > native VPN GUI changed quite a bit so they most likely don't apply
> > without conflicts. But I suppose the general idea of these changes
> > would still work and adapting them for ICS wouldn't be that much of a
> > problem.
> >
> > Regards,
> > Tobias
> >
More information about the Dev
mailing list