[strongSwan] IKEv1 - Message-IDs during phase 1 for encrypted Notify messages

Andreas Steffen andreas.steffen at strongswan.org
Tue Apr 20 10:44:58 CEST 2010

Hello Vladimir,

the Message ID will be unique non-zero and the encryption will
be derived from the IKE Phase 1 IV.

The following link shows the function generate_msgid() which
generates a unique msgid:


and the next link shows how send_notification() uses this function:




On 20.04.2010 10:08, Владимир Подобаев wrote:
> Hello!
> I want to ask IKEv1 experts.
> Suppose during phase 1 - key exchange went ok. Suppose - a notification message is sent on some reason (during phase 1).
> It is encrypted (because key exchange completed).
> A question: What Message ID will the Notify message have? Zero or unique non-zero? I can't figure it out from RFCs.
> Great thanks in advance!
> Best regards, Vladimir Podobaev

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list