[strongSwan] After a failed CHILD_SA rekey, rekey attempt is being continuously done
m.divya.mohan at zoho.com
Fri Apr 25 12:30:26 CEST 2014
Could you please help regarding this.
---- On Wed, 23 Apr 2014 22:00:36 -0700 m.divya.mohan wrote ----
>Sorry, I did not understand how this could be an issue with Juniper.
>Could you please elaborate on this.
>When the rekey attempt fails, shouldn't charon delete this SA after a limited number of retries, instead of infinitely trying to rekey?
>> That is a known issue and is caused by certain Juniper firmwares returning wrong SPI numbers.
>> To work around this issue, disable rekeying (rekey=no) and reauthenticate instead.
>> Noel Kuntze
More information about the Users