[strongSwan] Issue: Same connection name for multiple IKE SA connections

pankaj razdan pankajrazdan at yahoo.com
Thu Apr 30 04:28:25 CEST 2020


Setup
I have one IKE Responder and two IKE initiators (with different identities) which are able to establish IKE SA with the responder successfully.

Version
strongSwan 5.7.2dr2 swanctl

Issue
I want to establish an additional CHILD_SA for each of these IKE-SA initiators from the Responder. However, both initiators' IKE entries at the IKE responder are assigned the same connection name "net-net". In my ipsec.conf settings, the connection name is given as "net-net". My problem is that when I initiate a CHILD_SA using the swanctl --initiate command, I cannot identify the separate IKE-SAs, as both are assigned the same name by the Charon daemon. I understand it takes names from the configuration and creates a new IKE SA or CHILD SA with the name mentioned in the config.
Please find output of command and ipsec.conf in the attached file.

Queries
1. How to configure the Responder so that we can have each IKE SA entry as a separate connection? My main aim is to create additional CHILD SAs for each IKE SA.

Warm Regards,
Pankaj

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: strongswan_conn_name_issue.txt
URL: <http://lists.strongswan.org/pipermail/users/attachments/20200430/c7fd64d1/attachment.txt>
