[strongSwan] Strongswan 4.5.2 sending IKEv2_INFORMATIONAL_REQUEST with wrong flags
AVISHEK GANGULY
aganguly14 at gmail.com
Fri Sep 7 12:42:25 CEST 2012
Hi,
I am using strongswan 4.5.2 in Ubuntu 10.10 version.
After timing out a child SA which was previously created Strongswan sends
CREATE_CHILD_SA rekey request.
Then My application sends CREATE_CHILD_SA Response and in turn Strongswan
sends IKEv2_INFORMATIONAL_EXCHANGE with Flags 0x00
That is initiator and responderder bit nothing is true.
Please help me with this problem.Why this behaviour is seen.
Thanks in advance.
Here is the packet decodesent by strongswan by my application-
ETHER: ---- Ethernet Header ----
ETHER:
ETHER: Destination = 00:10:18:B1:40:63
ETHER: Source = 00:0F:FE:6F:39:28
ETHER: Type = 0x0800 (DOD IP)
ETHER:
IP: ---- IP Packet ----
IP:
IP: Version = 4
IP: Internet Header Length = 5 (20 bytes)
IP: Type Of Service = 0x00
IP: |01234567
IP: |000..... = Precedence (Routine)
IP: |...0.... = Normal Delay
IP: |....0... = Normal Throughput
IP: |.....0.. = Normal Reliability
IP: |......0. = Normal Monetary Cost
IP: |.......0 = Must Be Zero
IP: Total Length = 96 bytes
IP: Identification = 0x0000 (0)
IP: Flags = 2
IP: |012
IP: |0.. = Reserved
IP: |.1. = Don't Fragment
IP: |..0 = Last Fragment
IP: Fragment Offset = 0x0000 (0 bytes)
IP: Time to Live = 64
IP: Protocol = UDP (17)
IP: Header Checksum = 0x2446 (Correct)
IP: Source Address = 10.1.1.20
---------------------------------------------------------(IP of the
interface in which strongswan is running)
IP: Destination Address = 10.1.1.50
---------------------------------------------------------(IP of the
interface in which my application is running)
IP:
UDP: ---- UDP Packet ----
UDP:
UDP: Source Port = 500 (500)
UDP: Destination Port = 500 (500)
UDP: Length = 76
UDP: Checksum = 0xBB9B (Correct)
UDP:
IKEV2:
IKEV2: ---- IKEV2 HEADER ----
IKEV2: --- Initiator SPI [8 bytes] ---
IKEV2: 00 00 2E 66 00 00 2E 66 ...f...f
IKEV2: --- Initiator SPI End ---
IKEV2:
IKEV2: --- Responder SPI [8 bytes] ---
IKEV2: CE EE 67 98 8C 80 0F 6C ..g....l
IKEV2: --- Responder SPI End ---
IKEV2:
IKEV2: Next Payload = Encrypted Payload
IKEV2: Major Version = 2
IKEV2: Minor Version = 0
IKEV2: Exchange Type = 37 (Informational Exchange)
IKEV2: Flags = 0x00 (0)
IKEV2: |01234567
IKEV2: |000..... = Reserved Bits
IKEV2: |...0.... = Responder
IKEV2: |....0... = Version Bit is Not Set
IKEV2: |.....0.. = Request
IKEV2: |......00 = Reserved Bits
IKEV2: Message Id = 0x1
IKEV2: Length = 68 bytes
IKEV2:
IKEV2: ---- IKEV2 Encrypted Payload ----
IKEV2:
IKEV2: Next Payload = Delete Payload
IKEV2: Critical Payload = 0
IKEV2: RESERVED = 0
IKEV2: Payload Length = 40 bytes
IKEV2: --- IV Data [8 bytes] ---
IKEV2: 85 BE 5D 16 7D 13 E4 80 ..].}...
IKEV2: --- IV Data End ---
IKEV2: ---- IKEV2 Delete Payload ----
IKEV2:
IKEV2: Next Payload = Payload NONE
IKEV2: Critical Payload = 0
IKEV2: RESERVED = 0
IKEV2: Payload Length = 12 bytes
IKEV2: Protocol-Id = 3
IKEV2: SPI Size = 4
IKEV2: Number of SPIs = 1
IKEV2: --- SPI [4 bytes] ---
IKEV2: CE E6 6C 1E ..l.
IKEV2: --- SPI End ---
IKEV2:
IKEV2: ---- End IKEV2 Delete Payload ----
IKEV2:
IKEV2: Padding Length = 3
IKEV2: --- Padding Data [3 bytes] ---
IKEV2: 71 55 F1 qU.
IKEV2: --- Padding Data End ---
IKEV2: --- Auth Data [12 bytes] ---
IKEV2: D7 48 58 3C C4 EC A2 2B E3 AF 1D 69 .HX<...+...i
IKEV2: --- Auth Data End ---
IKEV2: ---- End IKEV2 Encrypted Payload ----
IKEV2:
Regards,
Avishek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120907/4eb3ff91/attachment.html>
More information about the Users
mailing list