Hello again
Quick follow-up from myself:
We have narrowed the problem down to the reauthentication of the IKEv2 SA.
New findings: Alcatel DeskPhones are running Strongwan with following
parameters:
vpn: IKEv2, reauthentication every 3600s, no rekeying
local: 172.20.2.56
remote: Y.Y.Y.1
Hello All
This is a follow-up to my problem with a bunch of Alcatel DeskPhones 8058s
connecting to our StrongSwan using their built-in IPsec client with IKEv2 +
MS-CHAP/EAP + PSK:
https://lists.strongswan.org/pipermail/users/2020-October/014761.html
After a successful test period with a small
Am 22.10.20 um 16:21 schrieb Tobias Brunner:
No edge case, you have the duplicheck plugin loaded. Read [1] and then
disable it because it's only really useful for very specific use cases.
[...]
[1] https://wiki.strongswan.org/projects/strongswan/wiki/Duplicheck
Stupid me. :-/
Already ca
Hello All
We are connecting hardware IP phones with their built-in IPsec client to
our strongSwan server.
The phones can do IKEv2 with PSK plus EAP authentication.
Everything is working fine until two "road warrior phones" happen do
have the same RFC1918 IPv4 address within their correspondin