[strongSwan] attempt-2: clarification on charon ikev2 configuration payload

Balaji J ping2balaji at gmail.com
Tue Apr 5 18:19:01 CEST 2011


(Attempt-2)

Hi All,

Can anyone provide clarification on the following item:

1. Is it possible to assign 0.0.0.0 IP address in the CFG_REPLY payload in
IKE_AUTH message using charon?
    If so, please let me know the configuration for the same.

2. Is it VALID to assign the 0.0.0.0 ip address first-of-all? Because when i
looked in to RFC4306 under
   section 2.19(Requesting an Internal Address on a Remote Network) , it
says,
   "Message from responder to initiator:
    CP(CFG_REPLY)=
          INTERNAL_ADDRESS(192.0.2.202)
          INTERNAL_NETMASK(255.255.255.0)
          INTERNAL_SUBNET(192.0.2.0/255.255.255.0)
          TSi = (0, 0-65535,192.0.2.202-192.0.2.202)
          TSr = (0, 0-65535,192.0.2.0-192.0.2.255)

*     All returned values will be implementation dependent."*

There is no mention in RFC something like "assigning 0.0.0.0 should be
handled as ERROR". So can i safely say
assigning 0.0.0.0 ip address is compliant with RFC?

Any help is highly appreciated.

Thanks,
...Balaji
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110405/8cacf4fc/attachment.html>


More information about the Users mailing list