Re: [strongSwan] AH Transport AES-128 GMAC

Hi Tobias, Thank you very much for your help and detailed description. I checked the responder's daemon.log, and found the the same error messages you've mentioned. I think, our customer will accept this fact and will choose a different integrity algorithm or switch to ESP. Best regards,

Re: [strongSwan] AH Transport AES-128 GMAC

Hi Gyula, > I'm running the test between two identical Debian 8.6 VMs. > Both have the same version of strongSwan (v5.5.1), compiled withe the > same switches. I was able to reproduce this in our testing environment. On the responder you should have seen the following messages: > [CHD] no

[strongSwan] Reauthentication causes communication interruption

I have the following setup: [my-app] ==TLS==> [stunnel --TCP--> strongSwan] ++IPSEC++> [thirdparty-app] Where stuff happening [within brackets] happens in the same machine. Every once in a while, I the following log lines below. After that, according to [my-app] logs, data was sent to stunnel

Re: [strongSwan] can strongswan monitor multiple interfaces for sending IKE packets out

In this current scenario, we are using libipsec module and not kernel libipsec. Also MOBIKE is enabled. Thanks, Ravikanth On Thu, Nov 10, 2016 at 8:00 AM, Ravi Kanth Vanapalli < vvnrk.vanapa...@gmail.com> wrote: > I am having multiple interfaces on my device.All with active internet >

[strongSwan] can strongswan monitor multiple interfaces for sending IKE packets out

I am having multiple interfaces on my device.All with active internet connection. We have the possibility of using source routing to route the packets over any interface. Default route is also present In this context I have two questions. 1) When routing packets towards the ipsec gateway, how

[strongSwan] Need help

Dear All, My self guru prasad working on some collage project and iam very new to IPSec strongswan My use case Client <> Router <--> Network <---> Server/gateway [MPTCP] [MPTCP] Here Client is behind NAT and it has 3 LTE interfaces[ multiple interfaces - different IP]

[strongSwan] Is it possible to force re-keying?

Hi All, Our customer has some special requirements on the ipsec solution. One of them is to be able force re-keying in a host-host scenario. I searched the online documentation, but didn't find any information about it. Is it possible? Best regards, Gyula Kovacs

Re: [strongSwan] AH Transport AES-128 GMAC

Hi Tobias, I'm sorry, but my test environment description was not detailed enough. I'm running the test between two identical Debian 8.6 VMs. Both have the same version of strongSwan (v5.5.1), compiled withe the same switches. (./configure --prefix=/usr --sysconfdir=/etc --enable-openssl