[strongSwan] installpolicy=no not working, even when reqid is manually set
Mohammad Ayyash
mohammad.ayyash at nsn.com
Tue Nov 2 11:36:54 CET 2010
reauth=no is already set during the test i did
On 11/02/2010 11:27 AM, ext Martin Willi wrote:
>> Charon starts with reqid 1 and then just enumerates them. If
>> reqid 2 is assigned to your IPsec SA means that reqid 1 was
>> assigned to an earlier connection.
> Requids are reused after rekeying. But in your case, the tunnel is
> reauthenticated (i.e. re-established from scratch). This results in a
> completely new CHILD_SA that has a unique requid. Setting reauth=no
> probably works better for your special case.
>
> Regards
> Martin
>
>
More information about the Users
mailing list