[strongSwan-dev] [Strongswan]: Node is replying for ISAKMP message for unconfigured connection
jegathesh malaiyappan
mjegakathir at gmail.com
Sat Mar 16 12:06:50 CET 2013
Hi,
*Strongswan : 4.5.3 *
*NODE A* ß
-----------------------------------------------------------------------àNODE
B
(Initiator &
Responder)
(Initiator & Responder)
NODE A ---à conn403 is configured in NODE A
NODE B --à conn403 is not configured in NODE B
NODE A is sending ISAKMP message to NODE B. This is excepted behavior.
But, NODE B is responding for this un-configured connection message.
Is this expected behavior in Strongswan? Please clarify me this.
<snip>
conn conn403
type=tunnel
leftsubnet=4.1.1.1/32
rightsubnet=40.1.1.100/24
left=4.1.1.1
right=4.1.1.10
keyexchange=ikev2
reauth=no
ike=aes128-sha1-modp1024,3des-sha1-modp1024!
ikelifetime=84395s
esp=aes128-sha1,3des-sha1!
authby=pubkey
rightid=%any
leftid="192.168.255.129"
keylife=86400s
dpdaction=restart
dpddelay=10
dpdtimeout=120
rekeyfuzz=50%
rekeymargin=180s
</snip>
Thanks in advance.
-Jegathesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20130316/075bdbde/attachment.html>
More information about the Dev
mailing list