[strongSwan-dev] Some doubts in Strongswan
bhashkar prakash singh
singh.bhashkar at gmail.com
Thu Jun 25 17:11:14 CEST 2015
It would be great help if someone can reply to this mail.
I am waiting for your reply.
Thanks & Regards,
On Wed, Jun 24, 2015 at 11:13 PM, bhashkar prakash singh <
singh.bhashkar at gmail.com> wrote:
> 1 - I have a case where our device is not able to process the inbound
> packets due to spi mismatch but device is able to encrypt and transmit the
> outbound packets.
> This can be possible in following scenario.
> a- only inbound SA has been deleted but outbound SA still present.
> But is it
> possible that strongswan delete only inbound SA but it still
> maintain outbound SA ?
> b- Both inbound and out bound SA are present but inbound packets
> having spi that does
> not match inbound SA spi ? But how can a remote gateway can send
> a packet with different spi when
> negotiation has happened on some otehr spi ? is it possible ?
> 2- Is it possible that local and remote peer, both act as initiator and
> responder at the same time ?
> is there any possibility of any error if both side act as initiator and
> responder ?
> How does we ensure strongswan only act as initiator or responder ?
> Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dev