Hi, Has strongswan 5.x removed the check for invalid cookies in DPD requests. I see that only the sequence number check is done. In 4.6.x, this check was done (and logged as a Broken Cisco in ipsec_doi.c). I have a scenario where I have a setup with strongswan 4.6.x and run into this condition. Is it safe to remove this check (compiling strongswan with APPLY_CRISCO). I cannot upgrade strongswan to 5.x yet.
regards, matt.
_______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users