[strongSwan] Fwd: Help needed for problem when auto= add configured.
bhargav p
bhargav.1226 at gmail.com
Mon Aug 28 13:36:08 CEST 2017
Hi,
Can someone please reply to below query.
Thanks for the help.
-Bhargav
---------- Forwarded message ----------
From: bhargav p <bhargav.1226 at gmail.com>
Date: Wed, Aug 23, 2017 at 10:01 AM
Subject: Help needed for problem when auto= add configured.
To: users at lists.strongswan.org
Hi,
Setup Details:
=============
Host1 ====================== Host2
[auto=add]
[auto=start]
Both hosts are Ubuntu machines. Intentionally configured auto=add on Host1,
because I do not want any initiation request from Host1.
When I enable(start) ipsec on Host2, IKE and CHILD_SA established between
Host1 and Host2.
Then, did “ipsec stop” and “ipsec start” on Host1, when ipsec stop is
executed, DELETE payload was sent to Host2, and Host2 deleted IKE and CHILD
SA.
As auto=add is configured on Host1, no negotiation is started from Host1 ,
and Host2 flushed its SAs, it also did not start the negotiation.
Tried closeaction, but for every rekey , upon deletion of closing old SA,
new SA is getting triggered. With shorter lifetimes, there are frequent SAs
getting created.
Is there any other option in strongswan to restart one new negotiation
when Delete Payload is received?
Thanks for the help.
-Bhargav
--
Regards
_______________________________________________
Puvvada Bhargav
R&D Engineer | NOKIA SIEMENS NETWORKS* India* | Bangalore
Mob. + 919741040458
puvvada.bhargav at nsn.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170828/862cf2d9/attachment.html>
More information about the Users
mailing list