[strongSwan-dev] Some doubts in Strongswan
bhashkar prakash singh
singh.bhashkar at gmail.com
Thu Jun 25 17:11:14 CEST 2015
Hi,
It would be great help if someone can reply to this mail.
I am waiting for your reply.
Thanks & Regards,
Bhashkar
On Wed, Jun 24, 2015 at 11:13 PM, bhashkar prakash singh <
singh.bhashkar at gmail.com> wrote:
> Hi,
>
> 1 - I have a case where our device is not able to process the inbound
> encrypted
> packets due to spi mismatch but device is able to encrypt and transmit the
> outbound packets.
>
> This can be possible in following scenario.
>
> a- only inbound SA has been deleted but outbound SA still present.
> But is it
> possible that strongswan delete only inbound SA but it still
> maintain outbound SA ?
>
> b- Both inbound and out bound SA are present but inbound packets
> having spi that does
> not match inbound SA spi ? But how can a remote gateway can send
> a packet with different spi when
> negotiation has happened on some otehr spi ? is it possible ?
>
>
> 2- Is it possible that local and remote peer, both act as initiator and
> responder at the same time ?
> is there any possibility of any error if both side act as initiator and
> responder ?
> How does we ensure strongswan only act as initiator or responder ?
>
> Thanks in advance.
>
> Regards,
> Bhashkar
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20150625/d55dd4c2/attachment.html>
More information about the Dev
mailing list