[strongSwan-dev] Charon ::- PSK selection based on ID selectors ::
Kumar, Shekhar 1. (NSN - IN/Bangalore)
shekhar.1.kumar at nsn.com
Wed Oct 1 09:21:52 CEST 2014
Hi All ,
Could someone please tell me what are the criteria for choosing a PSK from ipsec.secrets based on ID selectors.
I was following the documentation here :: https://wiki.strongswan.org/projects/strongswan/wiki/IpsecSecrets .
Which says " an entry with multiple selectors will match a host and peer if the host ID and peer ID each match one of the selectors."
But , the current charon implementation seem to select PSK from ipsec.secrets even when only one of (my_id or remote_id) matches. ( multiple selectors mentioned in PSK entry in ipsec.conf)
According to strongswan documentation in case of PSK both my_id and remote_id must match the list of selectors present for the PSK entry in ipsec.conf.
More information about the Dev