[strongSwan] Fwd: XFRM_MSG_EXPIRE handling in StrongSwan
digambar49 .
digambar49 at gmail.com
Tue Jul 8 07:06:08 CEST 2014
Hi,
I have tunnel setup. with Strongswan 4.5.3
I am trying to renegotiate the SA using soft-life expiry by sending netlink
message XFRM_MSG_EXPIRE.
Linux receives the netlink message as below:
Command: ip xfrm monitor
Expired src 192.168.67.1 dst 192.168.67.2
proto esp spi 0x05e547c2 reqid 0 mode transport
replay-window 0
sel src 192.168.50.0/24 dst 192.168.51.0/24
hard 0
Below message is also printed by Strongswan (Pluto running in debug mode)
“received a XFRM_MSG_EXPIRE”
However, I do not see any further messages which indicate update SA or
re-negotiation happening between the two endpoints.
Even packet capture shows that OLD spi being used.
Is soft-life expiry using netlink message XFRM_MSG_EXPIRE support working
in StrongSwan?
Thanks,
Digambar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140708/151fbbb5/attachment.html>
More information about the Users
mailing list