[strongSwan] INITIAL_CONTACT notify issue
Martin Willi
martin at strongswan.org
Thu Sep 19 09:07:11 CEST 2013
Hi,
> The old IKE_SA got deleted when the new and old IKE_SA use the same leftid
> and rightid. The old IKE_SA did not get deleted when rightid is different.
This is the intended behavior we have implemented in strongSwan.
RFC 5996 says:
> The INITIAL_CONTACT notification asserts that this IKE SA is the only
> IKE SA currently active between the authenticated identities.
Regards
Martin
More information about the Users
mailing list