Just following up.
I am using a version of the kernel that supports both the 128 bit and 96 bit
SHA_256 options. You were 100% correct on the remote peer using the wrong key.
What appears to be happening is the P1\P2 SAs actually establish using
SHA2_256_128 but the remote peer was actually u
Hi Indira,
> I configured ipsec tunnel between (H1 and H2) using ikev2 template. And
> when I send some traffic, the IPSec-SAs are getting established with out
> any issues.
> But when I issue "setkey -F" on the local node (H1), the remote node(H2)
> SADs are not getting flushed.
> There is no del
Hi,
I configured ipsec tunnel between (H1 and H2) using ikev2 template. And
when I send some traffic, the IPSec-SAs are getting established with out
any issues.
But when I issue "setkey -F" on the local node (H1), the remote node(H2)
SADs are not getting flushed.
There is no delete message sent to
Hi Eric,
> I have a situation where ESP packets appear to be getting mangled on the
> remote peer whenever I use SHA2-256-128 for Phase2 (ESP). I can
> establish the SAs from the Strongswan to the remote peer no problem.
> However, I get no packets returned after establishing the tunnel.
Not su
Hi Sanjay,
> How is the frequency of IKE_SA_INIT request defined, I see in the logs
> a request is sent at intervals of 4,8,13,23, 42 seconds.
>
> Is this frequency customizable.
See, http://wiki.strongswan.org/projects/1/wiki/Retransmission.
Regards,
Tobias
__