[strongSwan] OSPF == tons of security associations
Hose
hose+strongswan at bluemaggottowel.com
Mon Jan 9 19:29:37 CET 2017
What you say...Noel Kuntze (noel at familie-kuntze.de):
> On 05.01.2017 20:31, Hose wrote:
> > So from what I can tell each time it's doing an IKE re-key it's creating an
> > additional set of SAs. Any idea why this is occurring?
> Try disabling reauthentication and/or enabling make_before_break (strongswan.conf setting!).
>
Unfortunately I'm running 5.2.1 (Debian stable package) and it doesn't
look like it's supported until 5.3.0.; I may have to re-visit this some
other time when I can roll my own.
More information about the Users
mailing list