[strongSwan] transform policy without SPI?
Michael Schwartzkopff
ms at sys4.de
Tue Aug 16 14:29:19 CEST 2022
On 16.08.22 13:51, Tobias Brunner wrote:
> Hi Michael,
>
>>>> In the transform policy we see the connection but without SPIs
>>>> in "in" and "fwd" direction. An SPI does only exist for the "out"
>>>> direction. How is that possible?
>>>
>>> That's normal and always the case.
>>
>> Under what circumstance is that normal? After the termination of the
>> child connection?
>
> No, for any established CHILD_SA. strongSwan only sets the SPI on
> outbound policies, never on the others.
Oh yes. Now I see it in my test machine. Sorry for the noise.
Mit freundlichen Grüßen,
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein
More information about the Users
mailing list