FYI:
On Mon, 2010-10-04 at 12:36 +0200, Martin Willi wrote:
> Looks like a bug if reauth=yes is used in conjunction with
> dpdaction=restart and uniqueids=yes.
I've had it now running for some longer time with reauth = no, and it
seems that this really workarounds this :)
Cheers,
Chris.
smime.p
Few seconds after sending this off, I found unfortunately out that the
same might still happen:
1) I have my two hosts now, one with auto=start the other with auto=add,
both with reauth=no
Now when I do ipsec stop on the host with auto=start, the other host
doesn't close the connection.
Guess th
Hello,
The IKEv2 charon daemon does not support transport mode in the presence
of a NAT situation. The daemon automatically switches to tunnel mode.
The IKEv1 pluto daemon supports transport mode with NAT only with the
configure option --enable-nat-transport.
Regards
Andreas
On 10/05/2010 10:3
Hi.
I was playing around today with the margin* and life* options.
I did some testing whether there are interruptions during the time where
the key is renegotiated (any packages are lost)
(btw: Is this technically prevented?)
1) Is it true that when I e.g. specify both:
margintime = ...
marginb
I am trying to activate an IKEv2 transport mode tunnel that traverses a
NAT. It appears that, rather than sending the transport mode proposal I
configured, it is instead sending tunnel mode.
IKEv2 + tunnel mode + NAT works fine. So does IKEv1 + transport mode
without a NAT on the tunnel path, so
Hi all,
I'd like to add setting the two parameters NATTKeepaliveTimer and
IPsecWindowSize in ipsec.conf. Which section should I add the two parameters,
such as "conn" part of ipsec.conf ? I want to modify source codes to fit the
configurations, but I have no idea which section I should add