[strongSwan] Rekey between openswan and strongswan

Martin Willi martin at strongswan.org
Wed Oct 27 10:25:40 CEST 2010

> the log is in the attachment.

Looks like openswan does not like the CREATE_CHILD_SA rekey message:

>     exchange type: ISAKMP_v2_CHILD_SA
>     message ID:  00 00 00 02
> packet from 2001:db8:1:2:20c:29ff:fe45:b04e:500: sending notification v2N_INVALID_MESSAGE_ID to 2001:db8:1:2:20c:29ff:fe45:b04e:500
> don't send packet when notification data empty

The message ID looks correct to me, ID 2 follows to the initial
IKE_SA_INIT and IKE_AUTH exchanges.

Please discuss this issue with the openswan developers, we can't help
you here. While both projects have the same origin, the IKEv2
implementation is completely different.


More information about the Users mailing list