[strongSwan-dev] Understanding IKEv1 rekey
Tobias Brunner
tobias at strongswan.org
Mon Aug 22 11:53:28 CEST 2016
Hi Noam,
> > My question: How is the Cisco ASR supposed to know that the old IKE SA
> > is no longer relevant?
> Because it is deleted?
>
> How is the peer supposed to know that it is deleted if it doesn't
> receive a DELETE message?
It doesn't send one? I suppose that's problematic (however, DELETES in
IKEv1 are not really reliable anyway).
Regards,
Tobias
More information about the Dev
mailing list