Re: [strongSwan-dev] [strongswan ]: Multiple IKE SA initiated for with Same Connection Name version 4.5.3

Mon, 08 Apr 2013 03:22:31 -0700 

Hi,

Anyone idea on this issue for "Multiple IKE SA" request for same
connection? Is there any bug in strongswan version 4.5.3 for this scenario?

Thanks.
Jegathesh.M


On Sat, Apr 6, 2013 at 4:33 PM, jegathesh malaiyappan <[email protected]
> wrote:

> Hi,
>
> *Strongswan Version*:  4.5.3
>
> I have a two policy with same Local End point and remote end point , as a
> connection name of *"conn2 & conn3"*.
>
> One IKE SA and Two Child SA Established successfully. Otherend, i am
> downing the strongswan and IKE SA and Two Child SA's are deleted.
>
> Now, I am re-triggering the two connection using the following,
>
> *         ipsec up conn2 & *
>
> *         ipsec up conn3 & *
>
> But, two IKE SA established with name of  conn2.
>
>
>
> <snip>
>
> conn2[2]: ESTABLISHED 7 seconds ago, 11.1.1.1[192.168.255.129]...11.1.1.10
>
>        conn2[2]: IKE SPIs: 285b6ac581fd9df5_i* d16466cdf884bcc2_r,
> rekeying in 23 hours
>
>        conn2[2]: IKE proposal:
> AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
>
>
>
>        conn2[3]: ESTABLISHED 7 seconds ago,
> 11.1.1.1[192.168.255.129]...11.1.1.10
>
>        conn2[3]: IKE SPIs: 902b959bb0edd0d7_i* 55c7d31308336b14_r,
> rekeying in 23 hours
>
>        conn2[3]: IKE proposal:
> AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
>
>  </snip>
>
>
>
> Strongswan Logs:
>
> ==============
>
>
>
> 2004-01-01T00:06:40.739454+00:00 10 [info]      charon:  16[CFG] received
> stroke: initiate 'conn2'
>
> 2004-01-01T00:06:40.739507+00:00 10 [info]      charon:  16[CFG] received
> stroke: initiate 'conn2'
>
> 2004-01-01T00:06:40.740338+00:00 10 [info]      charon:  14[IKE]
> initiating IKE_SA conn2[2] to 11.1.1.10
>
> 2004-01-01T00:06:40.740378+00:00 10 [info]      charon:  14[IKE]
> initiating IKE_SA conn2[2] to 11.1.1.10
>
>
>
> 2004-01-01T00:06:40.752523+00:00 10 [info]      charon:  08[CFG] received
> stroke: initiate 'conn3'
>
> 2004-01-01T00:06:40.752571+00:00 10 [info]      charon:  08[CFG] received
> stroke: initiate 'conn3'
>
> 2004-01-01T00:06:40.753148+00:00 10 [info]      charon:  15[IKE]
> initiating IKE_SA conn2[3] to 11.1.1.10
>
> 2004-01-01T00:06:40.753187+00:00 10 [info]      charon:  15[IKE]
> initiating IKE_SA conn2[3] to 11.1.1.10
>
>
>
> Is this expected behaviour in strongswan?
>
>
>
> Please someone help me on this.
>
>
>
> --
>
> By
>
> M.Jegathesh,
>
>
>
>


-- 
By
M.Jegathesh,
Bangalore

_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev

Reply via email to