[strongSwan] 'closing CHILD' log entry not always present with charon-systemd
Noel Kuntze
noel.kuntze+strongswan-users-ml at thermi.consulting
Sat Dec 2 18:47:06 CET 2017
I'd say that iOS never closes a CHILD_SA, but rather an IKE_SA or just forgets it or the connection is interrupted because the device goes to sleep.
IIRC Windows closes a CHILD_SA if it's not used, expired or needs to be rekeyed. Sometimes a bug in Win10 is encountered and it closes the CHILD_SA because of that.
Just client specifics.
On 02.12.2017 17:49, bls s wrote:
>
> I’m using charon-systemd with two different connection types: eap-mschapv2 (for iOS) and pubkey for use with Windows. The ‘closing CHILD’ log entry IS present with pubkey connections as in:
>
>
>
> Dec 1 08:47:34 xunil charon-systemd[708]: closing CHILD_SA ikev2-pubkey{4} with SPIs c700f912_i (1201208 bytes) 57fa7898_o (48931713 bytes) and TS 0.0.0.0/0 === 10.92.10.2/32
>
>
>
> But there is no such entry with eap-mschapv2.
>
>
>
> Why is it not included with eap-mschapv2?
>
>
>
> Thanks
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20171202/2933f272/attachment.sig>
More information about the Users
mailing list