[strongSwan-dev] Rekey Question
mglt.biz at gmail.com
Fri Jul 26 09:44:28 CEST 2013
Looking at the logs, it looks that all CHILD_SA attached to the IKE_SA
are rekeyed and removed with Delete Payload, but the IKE_SA does not
seems to be deleted with Delete Payloads. On the other hand ipsec
statusall does not shows the old IKE_SA.
If strongswan does not support an IKE_SA REKEY, I would like to know if
there are any reasons for that, or if it just not yet implemented.
On 07/25/2013 07:40 PM, Daniel Palomares wrote:
> Hello all,
> I was just wondering to know if strongswan can perform rekey for ONLY
> IKE_SAs and not IPsec SAs.
> Whether the response is yes or no:
> Does strongSwan keep the old IKE_SA keying material during REKEY (for
> only IKE_SA or both IKE_SA and IPsec_SA) ?
> Thanks guys
> Dev mailing list
> Dev at lists.strongswan.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dev