Hi:
Considering use cases where a strongSwan client is talking to a
non-strongSwan-based SeGW, I wonder how a strongSwan client responds in the
following situations:
1. the SeGW replies with an configuration payload reply containing and empty
address (length = 0)
2. the SeGW replies with an
, if the
SeGW can not fulfill the client's request for an IP address assignment.
-Original Message-
From: Martin Willi [mailto:mar...@strongswan.org]
Sent: Tuesday, June 26, 2012 12:04 PM
To: Pisano, Stephen G (Stephen)
Cc: users@lists.strongswan.org
Subject: Re: [strongSwan
on it?
Regards,
Stephen
-Original Message-
From: Martin Willi [mailto:mar...@strongswan.org]
Sent: Wednesday, June 20, 2012 3:47 AM
To: Pisano, Stephen G (Stephen)
Cc: users@lists.strongswan.org
Subject: Re: [strongSwan] Acquiring a DNS server address through config
payload
Hello Stephen,
so I
Hi:
How can I control the virtual IP version (i.e., v4 vs. v6) requested when using
'leftsourceip=%config'?
I am assuming that the code looks at the IP version of the outer tunnel address
and requests the same version type (just my guess), but the specific use case
of interest is IPv6 traffic
Any suggestions on ways to configure strongSwan to allow it to be the initiator
but not the responder?
Thanks,
Stephen
From: users-bounces+stephen.pisano=alcatel-lucent@lists.strongswan.org
Hi Martin:
Thanks.
It seems like we don't have the version with the monotonic time (4.3.3 vs.
4.3.5). Do you recall if it is a small change (i.e., easy for us to patch into
4.3.3)?
If you have a proper rekey configuration and use a monotonic time
source, the soft lifetime will rekey the SA
...@strongswan.org]
Sent: Friday, March 11, 2011 6:29 AM
To: Pisano, Stephen G (Stephen)
Cc: Torres, Eduardo M (Eduardo); users@lists.strongswan.org
Subject: RE: [strongSwan] IKE_SA gets deleted with no recovery after NTP
update
Further, I assumed regardless of what happens (short of
something catastrophic
Hi Martin:
Thanks.
Eduardo will follow-up on the monotonic time source lead you provided, but I
have a question regarding your second comment.
We thought it was possible (and we think we have it configured this way) to
have strongSwan try to establish its connections forever. I assumed