Hi Emeric, >>> We would expect A to fragment messages since B can accept them anyway? >> >> No, it only will accept fragmented messages if A sends them even if not >> negotiated. But B will only negotiate fragmentation (and thus enable it >> if A wants to use it) if the option is set to yes. >> > > Then if A really wants to fragment its output messages, there is no option to > force it?
No, doing so without negotiating it isn't legal (only for IKEv1 when the first message is already fragmented, which is the main reason fragmented messages are always defragmented). But the option is enabled by default since 5.5.1 anyway. Regards, Tobias _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
