[strongSwan] Ikev2 on initiator side and ikev1 on responder side
Dimitrios Siganos
dimitris at siganos.org
Thu Mar 11 11:14:26 CET 2010
ashish mahalka wrote:
> In the ipsec.conf file for Initiator, keyexchange is specified as
> ikev2 whereas for the Responder it is specified as ikev1. But still i
> am able to establish a ikev2 association between the two peers.
>
The keyexhange setting has no effect on the responder.
keyexchange = ike | ikev1 | ikev2
method of key exchange; which protocol should be used to initialize the
connection. Connections marked with
ikev1 are initiated with Pluto, those marked with ikev2 with Charon. An
incoming request from
the remote peer is handled by the correct daemon, unaffected from the
keyexchange setting. The default
value ike currently is a synonym for ikev1.
Dimitris Siganos
More information about the Users
mailing list