[strongSwan-dev] support for {left,right}allowany in charon?
Andreas Steffen
andreas.steffen at strongswan.org
Sat Jun 9 14:50:47 CEST 2012
Hi Mirko,
the right|leftallowany feature is now supported by the new monolithic
IKEv1/v2 strongSwan 5.0 charon daemon. If you want to give it a
try, download our 5.0.0dr1 developers release
http://download.strongswan.org/strongswan-5.0.0dr1.tar.bz2
I also created the following IKEv2 allow-any example scenario:
http://www.strongswan.org/uml/testresults5dr/ikev2/dynamic-initiator/
which is equivalent to the existing IKEv1 scenario:
http://www.strongswan.org/uml/testresults5dr/ikev1/dynamic-initiator/
Best regards
Andreas
On 06/04/2012 10:20 PM, Mirko Parthey wrote:
> On Wed, May 30, 2012 at 03:45:09PM +0200, Tobias Brunner wrote:
>>> it turns out this doesn't work well yet when the DNS server is
>>> unreachable during connection startup.
>>
>> I pushed three patches which enable charon to retry initiating an IKE_SA
>> if it initially failed due to a failed address lookup ([1]-[3], won't
>> apply cleanly to 4.6.3). This feature is disabled by default, but can
>> be enabled by setting charon.retry_initiate_interval to the time after
>> which charon should retry initiating the IKE_SA.
>
> Hi Tobias,
> the git version is working well for me now (commit 93d9a02e).
>
> Thank you,
> Mirko
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Dev
mailing list