[strongSwan] Sending INIT_CONTACT during "ipsec up .... "

Marko Burazin morkitz at gmail.com
Wed Nov 9 16:04:27 CET 2016


As I understood from the docs, if one uses "uniqueids=keep" in the "config
setup" section of the ipsec.conf file, strongswan should send the
INIT_CONTACT message with the first IKE_AUTH request sent to the peer.

But, I also see that if I use "rightid=%any" in the same ipsec.conf file in
the "conn" section, this INIT_CONTACT is NOT being sent with IKE_AUTH
request. It's only if I use a more specific selector in the rightid
parameter that INIT_CONTACT is being sent with IKE_AUTH request when
bringing the connection up.

What is the reason for this ? Is it the expected behaviour ?

Thanks in advance.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161109/1367361d/attachment.html>

More information about the Users mailing list