Hi Peter,
I see that both pluto and charon support the uniqueids option, which
ensures that each peer ID can only connect from one IP at a time. I
have a situation where some peers are generating multiple connections
from a single IP and the old ones are left hanging, generally until
they
Hi,
I am trying to configure ipsec using certificates.
I had generated openssl certificates with an ipv6 address (2002::5010:1) as
subjectAltName.
--
# openssl x509 -in cert.pem -noout -text
.
.
X509v3 Subject Alternative Name:
IP
Hello,
# ipsec stroke listcerts
List of X.509 End Entity Certificates:
altNames: 32.2.0.0
Any suggestion on how to proceed?
Yes, either update to at least 4.4.1 or apply the patch at [1].
Regards,
Tobias
[1] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=7a74295e
Hi.
I have a situation where ESP packets appear to be getting mangled on the remote
peer whenever I use SHA2-256-128 for Phase2 (ESP). I can establish the SAs
from the Strongswan to the remote peer no problem. However, I get no packets
returned after establishing the tunnel. The problem I
On Wednesday 28 March 2012 11:51 PM, eric_c_john...@dell.com wrote:
Hi.
I have a situation where ESP packets appear to be getting mangled on
the remote peer whenever I use SHA2-256-128 for Phase2 (ESP). I can
establish the SAs from the Strongswan to the remote peer no problem.
However, I
Hello,
How is the frequency of IKE_SA_INIT request defined, I see in the logs a
request is sent at intervals of 4,8,13,23, 42 seconds.
Is this frequency customizable.
Regards,
-sanjay
2012-03-29T00:49:20.000-04:00 [daemon] [info] mh-ums-sec1.ipc.com charon:
11[NET] sending packet: from