Hi Siddesh, > Seeing the below behaviour in strognswan: > Strongswan code is used for ePDG model,UE is sending IKE_AUTH request to > ePDG, gateway receives it but even before sending out IKE_AUTH response > for this request, it is receiving one more IKE_AUTH(retrnsmitted) > request from UE and strongswan stack is sending out IKE_SA_INIT response > to this request.
That seems highly unlikely. If this actually happened, send more information like strongSwan version, applied patches, log files, traffic dumps etc. > I feel, when Gateway receives retransmitted request before even reponse > is prepared for that request, it should drop it. If response is prepared > then, that should be sent out. As long as the request is processed no other message for the same IKE_SA can be processed (it's locked). And responding with a message with a different message ID is also something that doesn't happen. Regards, Tobias
