[strongSwan] having issue while establishing tunnel with public key authentication mode

Yogesh Purohit yogeshpurohit2 at gmail.com
Fri Jan 18 04:53:37 CET 2019

Hi Tobias,

Thank you for the answer.

So same scenario should be working with Ike-v2.
I will use IKEv2 for same scenario.


On Thu, Jan 17, 2019 at 7:52 PM Tobias Brunner <tobias at strongswan.org>

> Hi Yogesh,
> > I have two ends of site to site VPN where both are configured with
> > strongswan and version IKEv1.
> Please use IKEv2 if you have strongSwan on both sides, no reason to use
> a deprecated protocol.
> > Is it normal behavior of strongswan, that we can establish only one
> > tunnel at a time on the same machine using same certificate(RSA) ?
> > Or what is the expected behavior in this case ?
> Yes, this is the default behavior, a single IKE_SA per pair of
> identities.  Have a look at the uniqueids option (or unique in
> swanctl.conf).
> Regards,
> Tobias

Best Regards,

Yogesh Purohit
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190118/8310d971/attachment.html>

More information about the Users mailing list