[strongSwan] Traffic selector modification ignored when rekeying SA
FRECHIN and Co
regis.frechin22 at orange.fr
Tue Aug 22 10:31:49 CEST 2017
Hi Tobias,
one last question :-) : in our opinion, is this something I can do using Vici interface?
thanks,
Régis
> Message du 21/08/17 16:04
> De : "Tobias Brunner"
> A : "FRECHIN and Co" , "Mike Taylor" , "'Sarefrech'" , users at lists.strongswan.org
> Copie à :
> Objet : Re: [strongSwan] Traffic selector modification ignored when rekeying SA
>
> Hi,
>
> > So as of today, the only way to update traffic selector list for a given
> > connexion with strongswan is to wait for the next reauthentication,
> > meaning potential packet drops during the process.
>
> If the remote end's config allows it, you can create a new CHILD_SA with
> new TS and remove the old one.
>
> Regard,
> Tobias
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170822/e6a40b90/attachment.html>
More information about the Users
mailing list