[strongSwan] how to force re-try if received NO_PROPOSAL_CHOSEN notify error

Shukla, Sanjay Sanjay.Shukla at ipc.com
Thu Jul 5 18:10:39 CEST 2012


I have a host to host configuration

The initiator  tried to create a tunnel to the peer, however a corresponding configuration was not found. Later on the peer updated its configuration and ipsec was restarted on the peer.

However for my requirement I need the initiator to keep trying but it does not re-try if it receives  if received NO_PROPOSAL_CHOSEN notify error for that connection.

Are there any setting I can do for this.

Initiator config.
conn LocalIP_VIP_10.204.74.68
                left=10.204.74.189
                leftcert=ServLcl.pem
                leftsendcert=yes
                right=10.204.74.68
                rightid=%any
                keyexchange=ikev2
                type=transport
                reauth=no
                dpddelay=5s
                dpdaction=restart
                closeaction=restart
                keyingtries=%forever
                auto=start

-sanjay




[cid:green-logobb3.jpg]Please consider the environment before printing this email.


------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

DISCLAIMER: This e-mail may contain information that is confidential, privileged or otherwise protected from disclosure. If you are not an intended recipient of this e-mail, do not duplicate or redistribute it by any means. Please delete it and any attachments and notify the sender that you have received it in error. Unintended recipients are prohibited from taking action on the basis of information in this e-mail.E-mail messages may contain computer viruses or other defects, may not be accurately replicated on other systems, or may be intercepted, deleted or interfered with without the knowledge of the sender or the intended recipient. If you are not comfortable with the risks associated with e-mail messages, you may decide not to use e-mail to communicate with IPC. IPC reserves the right, to the extent and under circumstances permitted by applicable law, to retain, monitor and intercept e-mail messages to and from its systems.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120705/fd8b7ef7/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: green-logobb3.jpg
Type: image/jpeg
Size: 1268 bytes
Desc: green-logobb3.jpg
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120705/fd8b7ef7/attachment.jpg>


More information about the Users mailing list