[strongSwan] issues with Child SA re-negotiation

[Martin Willi]

> Does IKEv1 re-authentication support make-before-break mechanism?

IKEv1 does not re-negotiate the Quick Modes during re-authentication,
but the existing Quick Modes are still valid after removing the old
ISAKMP-SA. In strongSwan we migrate the Quick Modes to the new ISAKMP-SA
if re-authentication is detected; so yes, connectivity stays up during
IKEv1 re-authentication.

Regards
Martin