[strongSwan-dev] IKE_AUTH with IDi and IDr

Peter Hsiang phsiang at nvidia.com
Sat Aug 30 00:04:14 CEST 2014

The 3GPP TS 33.402 spec (rel12) chapter 8.2.2 (top of page 33) says that the first IKE_AUTH request sends the user identity (in IDi payload) and the APN information (in the IDr payload).
Looking at the Strongswan source, I did not find any implementation of sending the APN in the IDr ?
Looking at RFC 4306 for the packet format, there is no mentioning of APN.
Does anyone know if the APN is required, and what the IKE_AUTH message might use it for?

Related code:
- libcharon/encoding/payloads/id_payload.c
- libcharon/encoding/message.c
- libcharon/sa/ikev2/tasks/ike_auth.c  (method build_i)

The comment in method build_i suggests that IDr is optional?


This email message is for the sole use of the intended recipient(s) and may contain
confidential information.  Any unauthorized review, use, disclosure or distribution
is prohibited.  If you are not the intended recipient, please contact the sender by
reply email and destroy all copies of the original message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20140829/679c7b5b/attachment.html>

More information about the Dev mailing list