[strongSwan-dev] How to disable Extended sequence number support from SS5 code
martin at strongswan.org
Tue Aug 21 08:03:57 CEST 2012
> 00[KNL] unable to set IPSEC_POLICY on socket: Operation not supported.
This error is triggered at  while installing IPsec bypass policy for
the IKE socket. I don't think it is related to ESN, but something else
is missing in your kernel configuration. Please check that you have all
options included as seen in .
> I prefer to disable ESN instead of patching my kernel to limited other
> side effects to other code
ESN is used only if you include it in your "esp" proposal in ipsec.conf,
otherwise ESN is disabled.
More information about the Dev