[strongSwan] DPD [lack of] interoperability between strongswan and Cisco IOS
Martin Willi
martin at strongswan.org
Mon Jun 10 14:48:17 CEST 2013
> parsed ID_PROT response 0 [ KE No V V V V NAT-D NAT-D ]
> generating ID_PROT request 0 [ ID HASH ]
I don't see that charon processes any vendor IDs in the second MM
response.
When I send some vendor IDs in that message, the initiator processes
them properly:
> parsed ID_PROT response 0 [ KE No V V V V V NAT-D NAT-D ]
> received strongSwan vendor ID
> received XAuth vendor ID
> received DPD vendor ID
> received Cisco Unity vendor ID
> received NAT-T (RFC 3947) vendor ID
> generating ID_PROT request 0 [ ID HASH ]
Can you please double-check that you are running the correct, patched
version?
If this is the case, you may try to add some additional debugging to
isakmp_vendor.c, as I can't reproduce the issue here with the patch
applied.
Regards
Martin
More information about the Users
mailing list