[strongSwan-dev] stack sends wrong response for retransmitted request
Tobias Brunner
tobias at strongswan.org
Wed Jul 11 10:15:37 CEST 2018
Hi Siddesh,
> Seeing the below behaviour in strognswan:
> Strongswan code is used for ePDG model,UE is sending IKE_AUTH request to
> ePDG, gateway receives it but even before sending out IKE_AUTH response
> for this request, it is receiving one more IKE_AUTH(retrnsmitted)
> request from UE and strongswan stack is sending out IKE_SA_INIT response
> to this request.
That seems highly unlikely. If this actually happened, send more
information like strongSwan version, applied patches, log files, traffic
dumps etc.
> I feel, when Gateway receives retransmitted request before even reponse
> is prepared for that request, it should drop it. If response is prepared
> then, that should be sent out.
As long as the request is processed no other message for the same IKE_SA
can be processed (it's locked). And responding with a message with a
different message ID is also something that doesn't happen.
Regards,
Tobias
More information about the Dev
mailing list