[strongSwan] IKEv2 fallback to IKEv1
anand rao
anandrao_me at yahoo.co.in
Wed Sep 8 10:47:59 CEST 2010
Hi,
Is IKEv2 fallback to IKEv1 supported in strongswan4?
Here is my configuration
Host1 running both charon and pluto daemons.
both has the same connection defined in ipsec.conf, for conn1 keyexchange=ikev2
and conn2 keyexchange=ikev1.
Host2 running only pluto deamon and keyexchange=ikev1.
In this case when the connection is initiated from Host1 it is always trying to
negotiate the connection with ikev2 and
after detecting that the responder using ikev1, it is not doing the fallback to
ikev1.
Is this the correct behavior? if so how to achieve ikev2 fallback to ikev1 in
strongswan.
Please help.
-Anand
More information about the Users
mailing list