[strongSwan] Duplicate checking: duplicheck and uniqueids not working

Tobias Brunner tobias at strongswan.org
Mon Jul 27 11:32:34 CEST 2015

Hi Tiago,

>      charon {
> 	plugins {
> 	    duplicheck {
> 		enable = yes

Please read the description of the duplicheck plugin's behavior on its
wiki page  [1].  It's most likely not what you want.

> Why am I still getting duplicates?

Hard to tell without logs.  But since the daemon is multi-threaded, not
all duplicates are currently resolved.  If two peers concurrently
establish SAs to each other duplicate SAs are quite likely.  Due to the
reqid changes in 5.3.x such duplicates shouldn't be much of an issue
anymore though.


[1] https://wiki.strongswan.org/projects/strongswan/wiki/Duplicheck

More information about the Users mailing list