Hi Siddesh,

> Seeing the below behaviour in strognswan:
> Strongswan code is used for ePDG model,UE is sending IKE_AUTH request to
> ePDG, gateway receives it but even before sending out IKE_AUTH response
> for this request, it is receiving one more IKE_AUTH(retrnsmitted)
> request from UE and strongswan stack is sending out IKE_SA_INIT response
> to this request.

That seems highly unlikely.  If this actually happened, send more
information like strongSwan version, applied patches, log files, traffic
dumps etc.

> I feel, when Gateway receives retransmitted request before even reponse
> is prepared for that request, it should drop it. If response is prepared
> then, that should be sent out.

As long as the request is processed no other message for the same IKE_SA
can be processed (it's locked).  And responding with a message with a
different message ID is also something that doesn't happen.


Reply via email to