[strongSwan] installpolicy=no not working, even when reqid is manually set

Mohammad Ayyash mohammad.ayyash at nsn.com
Tue Nov 2 11:36:54 CET 2010

reauth=no is already set during the test i did

On 11/02/2010 11:27 AM, ext Martin Willi wrote:
>> Charon starts with reqid 1 and then just enumerates them. If
>> reqid 2 is assigned to your IPsec SA means that reqid 1 was
>> assigned to an earlier connection.
> Requids are reused after rekeying. But in your case, the tunnel is
> reauthenticated (i.e. re-established from scratch). This results in a
> completely new CHILD_SA that has a unique requid. Setting reauth=no
> probably works better for your special case.
> Regards
> Martin

More information about the Users mailing list