Hi Simon,
Seems MOBIKE message processing needs to store the message's source IP
addr along with the other ADDITIONAL_IPV4_ADDRESS. Use ike_sa to
remember this address separately is not safe. It requires
code to add it in the additional_addresses list before it is overwritten
by
Sent: Friday, March 9, 2012 1:38:33 AM
Subject: Re: [strongSwan] MOBIKE switching bug in gateway with two external
interfaces
Hi Simon,
Seems MOBIKE message processing needs to store the message's source IP
addr along with the other ADDITIONAL_IPV4_ADDRESS. Use ike_sa to
remember
Dear list:
Our customer running StrongSwan 4.6.1 want to setup two external interfaces in
their VPN gateway, one for cellular and one for wi-fi.
They reported that the road warriors can only switch once. Subsequent attempts
to switch back to the initially connected interface won't work.
We
Greetings,
Just plowed through RFC 4555 and 4621 for guidance. The spec says put the
currently used address in the IP header
and the rest as additional addresses. Thus excluding me in the
additional_addresses list is correct.
But there is this sentence in rfc4621, section 6.4:
To support
