Re: [strongSwan] Some Question About NAT-T and DPD

weiping deng wrote: > Hi Both， > > I have the following questions need your answer. Please help me, thanks. > > Q1: > About the NAT-T, whether strongswan supports: “Detecting and Honouring > the NAT device changing its public address”? > In principle such a situation can be detected by observing

Re: [strongSwan] About finding whether the VPN tunnel is working or not

Yeah, this should work. Andreas bhanushali_bhav...@emc.com wrote: > Hello All , > The following is the situation : > > 1] I am writing code to check whether VPN tunnels are working or not in > my system > > 2] So I do "ipsec status" and it shows me some output . I

[strongSwan] Some Question about the configuration payload

Hi Both， Excuse me. I have the following questions about the configuration payload: Q1： In current version of strongswan, whether the internal DNS can be assigned by server when peer initiates the request for it with the same configuration payload for virtual IP request? If internal DNS c

[strongSwan] About finding whether the VPN tunnel is working or not

Hello All , The following is the situation : 1] I am writing code to check whether VPN tunnels are working or not in my system 2] So I do "ipsec status" and it shows me some output . I am thinking of grepping for "ESTABLISHED" and "INSTALLED" and If I find these wor

[strongSwan] 答复: 答复: question about th e handling of identity payload during t he procedure of EAP-SIM and EAP-AKA

Hi Martin, About the identity payload (http://marc.info/?l=strongswan-users&m=125352578718423&w=2), I still have the following questions: 1) Whether the latest version added "the identity payload handling code for EAP-AKA" is released? 2) In latest version of strongswan, Identity is default-set

[strongSwan] Some Question About NAT-T and DPD

Hi Both， I have the following questions need your answer. Please help me, thanks. Q1: About the NAT-T, whether strongswan supports: “Detecting and Honouring the NAT device changing its public address”? Q2: About the DPD, in IKEv2, the default value of DPD timeout (dpdtimeout) = ? L

[strongSwan] StrongSwan stops trying to restart a dpd'd connection

Hello all, A little background. I am still trying to get a robust solution for restarting IPsec connections. I asked this a while ago: https://lists.strongswan.org/pipermail/users/2009-January/003058.html Martin helped out by pointing out the keyingtries=%forever configuration parameter. This

Re: [strongSwan] trouble packaging strongswan for fedora / rhel thx to autoconf

Hi, > Shouldn't strongswan use mysql_config during configure to begin with? Yes, sounds reasonable. I have updated [1] the build system to use mysql_config. Regards Martin [1]http://wiki.strongswan.org/repositories/revision/1/84074347 ___ Users mail

Re: [strongSwan] Trouble on establishing ESP channel

Salut Jean-Paul! > A tcpdump on LAN interface Debian box shows the icmp request packets. > A tcpdump on Public interface Debian box shows no icmp request packet. I have a similar setup here at our site. Regarding tcpdump you should see: - An outgoing ESP packet. (icmp request encrypted) - An inc

Re: [strongSwan] trouble packaging strongswan for fedora / rhel thx to autoconf

Shouldn't strongswan use mysql_config during configure to begin with? (sadly mysql doesn't ship pkg-config .pc files) cheers, Tommi Kyntola Martin Willi wrote: > Hi, > >> Since fedora stores the mysqlclient_r library in /usr/lib/mysql and not >> in /usr/lib, the configure script as it is now w

Re: [strongSwan] trouble packaging strongswan for fedora / rhel thx to autoconf

Hi, > Since fedora stores the mysqlclient_r library in /usr/lib/mysql and not > in /usr/lib, the configure script as it is now won't find the library > when --enable-mysql is used. What about invoking ./configure with LDFLAGS="-L/usr/lib/mysql" ? Regards Martin _