[strongSwan] strongSwan DPD Notification messages (RFC3706)
Petar Tsankov
petar.tsankov at gmail.com
Wed Aug 17 17:11:54 CEST 2011
Hi,
I am running some tests on strongSwan and I cannot understand under what
conditions does strongSwan generate a DPD Notification message
(RFC3706). The message that I expect has the following format: ISAKMP
header with the initiator and responder cookie fields, next payload flag
set to 11 for Notification, exchange type flag set to 5 for Info, the
ISAKMP notify payload should have message type 36136 or 16137, which are
the corresponding R-U-THERE or R-U-THERE-ACK messages.
I tried using the dpdelay/dpdtimeout connection parameters in
ipsec.conf, but the R-U-THERE(-ACK) messages sent by strongSwan have a
different format. Namely, they have the ISAKMP header followed by
encrypted payload.
Could anyone give me some hints?
Thanks in advance.
Best regards,
Petar
More information about the Users
mailing list