Hi Robert,
I am using the sample configurations [1] to setup the
ikev2/ip-two-pools-v4v6 and notice one thing related to the routing:
I don't know your kernel version, but in an older mail I've found:
IKE charon daemon (strongSwan 5.0.1rc1, Linux 2.6.18-238.el5, x86_64)
Is this still
Hello,
Can you help please to determine if there are any issues at initialization and
during the life of an IPsec tunnel if CRLs are retrieved via this same IPsec
tunnel?
There are any additional issues if the connection uses the configuration
payload in order to request a Virtual IP to peer?
Hi,
Can you help please to determine if there are any issues at
initialization and during the life of an IPsec tunnel if CRLs are
retrieved via this same IPsec tunnel?
Fetching a CRL inside the tunnel to check the certificate status for the
same tunnel does not work: it is a hen-egg problem.
Hi Martin,
Thank you for clarification
Regards
Mugur
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Hi Mirko,
* Charon on OpenWrt was unable to perform the MOBIKE address update;
eventually the IKE SA was destroyed and reestablished.
This issue has already been reported [1]. In your case the ongoing
(but, due to unusable addresses, unsuccessful) DPD exchange blocks the
MOBIKE task. Once
Thank you Andreas for this usefull information
Regards
Mugur
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users