> On May 28, 2015, at 1:40 PM, Tero Kivinen <kivi...@iki.fi> wrote:
>
> Yoav Nir writes:
>> When the tunnel is first set up, it is negotiated in the IKE_AUTH
>> exchange. Diffie-Hellman is not performed, so the mismatched
>> configuration is not detected - traffic flows through the tunnel.
>
> If your setup is set to that you configure only one Diffie-Hellman for
> the IKEv2, which is then used for both IKE SA and Child SAs, then you
> would notice this misconfiguration immediately.

My product has a separate configuration for phase 1 Diffie-Hellman group and phase 2 Diffie-Hellman group. Thinking it over, I cannot explain why this is needed, but at least StrongSwan also specifies ESP groups separately from IKE groups.

>> After a while, one of the gateways attempts to rekey the tunnel, or
>> else create a new tunnel with the same peer. This time the tunnel is
>> set up using the CREATE_CHILD_SA exchange. The SA payload will
>> contain the wrong DH group and the exchange will fail, resulting in
>> traffic flow stopping.
>
> When the last Child SA gets deleted from the IKE SA, you should most
> likely shut down the IKE SA, or at least if all the rekeys fail, you
> should start from the beginning.
>
>> As far as I can tell, this behavior is consistent with the RFC, but
>> the user experience is very strange. Traffic should either flow or
>> not flow - it should not stop at rekeying.
>
> IKEv2 tries to notice some misconfigurations, but it cannot catch them
> all. IKEv1 caught that particular one.
>
>> Am I missing something?
>
> Do not misconfigure your systems…

I’ll tell the users…

Yoav

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
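The failure mode discussed in this thread, as an added model that is not part of the mailing-list exchange or of any product mentioned in it: a simplified IKEv2 Child SA proposal match in which the D-H transform is absent from the IKE_AUTH proposal and present in CREATE_CHILD_SA, so a phase-2 group mismatch passes the first exchange and fails the rekey. The gateway configurations, the `esp_dh`/`ike_dh` keys and the `preflight_check` helper are constructed for the example.

```python
# Transform types from RFC 7296 section 3.3.2 that this model needs.
ENCR, INTEG, DH, ESN = "ENCR", "INTEG", "DH", "ESN"

# Constructed peer configurations: phase 1 (IKE) and phase 2 (ESP) DH groups are
# configured separately, as in the product described in the thread. Group
# numbers are IANA IKEv2 DH group ids (14 = 2048-bit MODP, 19 = 256-bit ECP).
GW_A = {"ike_dh": 14, "esp_dh": 14, "esp_encr": "AES_GCM_16", "esp_integ": "NONE"}
GW_B = {"ike_dh": 14, "esp_dh": 19, "esp_encr": "AES_GCM_16", "esp_integ": "NONE"}

def build_child_proposal(cfg, exchange):
    """Initiator's Child SA proposal. In IKE_AUTH no key exchange is performed,
    so the D-H transform is omitted; a CREATE_CHILD_SA rekey with PFS carries
    the configured phase-2 group."""
    prop = {ENCR: [cfg["esp_encr"]], INTEG: [cfg["esp_integ"]], ESN: [0]}
    if exchange == "CREATE_CHILD_SA":
        prop[DH] = [cfg["esp_dh"]]
    return prop

def responder_accepts(prop, cfg, exchange):
    """Responder side: every transform type in the offer must carry a value
    the responder accepts. For CREATE_CHILD_SA the responder also insists on
    its own phase-2 group; for IKE_AUTH that group is never consulted."""
    local = {ENCR: [cfg["esp_encr"]], INTEG: [cfg["esp_integ"]], ESN: [0]}
    if exchange == "CREATE_CHILD_SA":
        local[DH] = [cfg["esp_dh"]]
        if DH not in prop:
            return False
    return all(t in local and any(v in local[t] for v in vals)
               for t, vals in prop.items())

def simulate(init_cfg, resp_cfg):
    """Outcome of each exchange between the two peers: IKE_SA_INIT compares the
    phase-1 groups, the other two run the Child SA proposal match above."""
    result = {"IKE_SA_INIT": init_cfg["ike_dh"] == resp_cfg["ike_dh"]}
    for ex in ("IKE_AUTH", "CREATE_CHILD_SA"):
        result[ex] = responder_accepts(build_child_proposal(init_cfg, ex), resp_cfg, ex)
    return result

def preflight_check(init_cfg, resp_cfg):
    """Operator-side check (hypothetical helper): compare both peers' phase-1
    and phase-2 groups before deployment, since IKE_AUTH will not flag a
    phase-2 mismatch and the problem only appears at the first rekey."""
    return (init_cfg["ike_dh"] == resp_cfg["ike_dh"]
            and init_cfg["esp_dh"] == resp_cfg["esp_dh"])

if __name__ == "__main__":
    print(simulate(GW_A, GW_B))   # IKE_AUTH passes, CREATE_CHILD_SA fails
    print(preflight_check(GW_A, GW_B))
```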