[strongSwan] strongSwan 5.0.2: responder ignores IKE_AUTH retransmits if IKE_AUTH response got lost

Zoltan Lugossy zoltan.lugossy at gmail.com
Fri Mar 1 14:55:25 CET 2013


I have been playing around with strongSwan 5.0.2 and 5.0.3dr2 (using ikev2)
and have noticed the following:
During initial exchange when IKE_AUTH response is lost and therefore the
initiator starts retransmitting the IKE_AUTH request, the responder ignores
these retransmits thus the initiator gets stuck retransmitting until
"ignoring IKE_AUTH in established IKE_SA state"

Any thoughts on this issue (seems to pose some reliability problems)?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130301/ad6875d6/attachment.html>

More information about the Users mailing list