[strongSwan] After a failed CHILD_SA rekey, rekey attempt is being continuously done
m.divya.mohan
m.divya.mohan at zoho.com
Fri Apr 25 12:30:26 CEST 2014
Hi,
Could you please help regarding this.
- Divya
---- On Wed, 23 Apr 2014 22:00:36 -0700 m.divya.mohan wrote ----
>Hi,
>
>Sorry, I did not understand how this could be an issue with Juniper.
>Could you please elaborate on this.
>
>When the rekey attempt fails, shouldn't charon delete this SA after a limited number of retries, instead of infinitely trying to rekey?
>
>- Divya
>
>--
>> Hello,
>>
>> That is a known issue and is caused by certain Juniper firmwares returning wrong SPI numbers.
>> To work around this issue, disable rekeying (rekey=no) and reauthenticate instead.
>>
>> Regards,
>> Noel Kuntze
>
>
More information about the Users
mailing list