[strongSwan-dev] [Strongswan]: Node is replying for ISAKMP message for unconfigured connection

[jegathesh malaiyappan]

Hi,



*Strongswan : 4.5.3 *



*NODE A*  ß
-----------------------------------------------------------------------àNODE
B

(Initiator &
Responder)
(Initiator & Responder)



NODE A ---à conn403 is configured in NODE A

NODE B  --à conn403 is not configured in NODE B



NODE A is sending ISAKMP message to NODE B. This is excepted behavior.



But, NODE B is responding for this un-configured connection message.



Is this expected behavior in Strongswan? Please clarify me this.



<snip>

conn conn403

  type=tunnel

  leftsubnet=4.1.1.1/32

  rightsubnet=40.1.1.100/24

  left=4.1.1.1

  right=4.1.1.10

  keyexchange=ikev2

 reauth=no

  ike=aes128-sha1-modp1024,3des-sha1-modp1024!

  ikelifetime=84395s

  esp=aes128-sha1,3des-sha1!

  authby=pubkey

  rightid=%any

  leftid="192.168.255.129"

  keylife=86400s

  dpdaction=restart

  dpddelay=10

  dpdtimeout=120

  rekeyfuzz=50%

  rekeymargin=180s

</snip>


Thanks in advance.


-Jegathesh

_______________________________________________
Dev mailing list
Dev@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/dev