Hi,
1 - I have a case where our device is not able to process the inbound
encrypted
packets due to spi mismatch but device is able to encrypt and transmit the
outbound packets.
This can be possible in following scenario.
a- only inbound SA has been deleted but outbound SA still present.
But is it
possible that strongswan delete only inbound SA but it still
maintain outbound SA ?
b- Both inbound and out bound SA are present but inbound packets
having spi that does
not match inbound SA spi ? But how can a remote gateway can send
a packet with different spi when
negotiation has happened on some otehr spi ? is it possible ?
2- Is it possible that local and remote peer, both act as initiator and
responder at the same time ?
is there any possibility of any error if both side act as initiator and
responder ?
How does we ensure strongswan only act as initiator or responder ?
Thanks in advance.
Regards,
Bhashkar
_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev
