sorry for my wrong expression.
I mean that I setup a connection,
the sequence of message is following.
1. IKE_SA_INIT
2. IKE_SA_INIT
3. IKE_AUTH
4. IKE_AUTH
when the connection was rekeyed,
*I found the sequence of strongswan is like this, w*hich will lost the
tunnel for a while.
to delete the
I just want to the message as the following, without to set reauth=no.
1. IKE_SA_INIT
2. IKE_SA_INIT
3. IKE_AUTH
4. IKE_AUTH
5. INFORMATIONAL (deleting IKE_SA)
6. INFORMATIONAL (deleting IKE_SA confirm)
___
Users mailing list
Users@lists.strongswan.org
h
I set the IKERekey time as following:
conn %default
ikelifetime=6m
keylife=3m
rekeymargin=1m
keyingtries=2
rekeyfuzz =0%
but I found that the message always like the following, this will
cause the stop of data transfer.
1. INFORMATIONAL (deleting IKE_SA)
2.
Hi all
1. Can I update the proposals used a SA.
for example:
I setup a sa used the proposal as following and start the connection
ike=3des-md5-modp1024!
can I change the proposal to the other without stopping the connection.
ike=3des-md5-modp2048!
use the ipsec update or reload, can finish th