Re: [strongSwan] nonce Length

2017-09-14 Thread Jafar Al-Gharaibeh
On 9/14/2017 11:53 AM, Andreas Steffen wrote: Hi Jafar, the mandatory nonce plugin is a nonce generator which returns the requested number of random bytes. There are many other places in the strongSwan code where nonces of variable size are needed (e.g. for the IKE SPI or for the TLS client or s

Re: [strongSwan] nonce Length

2017-09-14 Thread Andreas Steffen
Hi Jafar, the mandatory nonce plugin is a nonce generator which returns the requested number of random bytes. There are many other places in the strongSwan code where nonces of variable size are needed (e.g. for the IKE SPI or for the TLS client or server Hello). Kind regards Andreas On 14.09.

Re: [strongSwan] nonce Length

2017-09-14 Thread Jafar Al-Gharaibeh
Hi Andreas, Thanks for the quick and thorough answer. I did not find that piece of information (nonce size) in the documentation, but as you noted about the source code, I did download and dig through the source code yesterday and came across the 32 byte number. Thanks for confirming t

Re: [strongSwan] 24/7/365 tunnel?

2017-09-14 Thread Turbo Fredriksson
On 14 Sep 2017, at 11:23, Eric Germann wrote: > I’ve found auto=route to be much more stable in AWS. Spins up when it’s down > but needed and starts passing traffic. Ok, thanx! I’ll let it run like this for a couple of days so I get a feel for how it works and then try that if I have to.. s

Re: [strongSwan] strongswan not picking up traffic

2017-09-14 Thread Noel Kuntze
Hi, You're expected to use auto=route. It is normal, by design and common with all other *swans, that auto=add does not initiate a connection. You gotta read the manual/documentation before using the software. Kind regards Noel On 14.09.2017 09:07, Chengcheng Fu wrote: > Hi, > > After I manua

Re: [strongSwan] 24/7/365 tunnel?

2017-09-14 Thread Noel Kuntze
You need to use auto=route, otherwise the tunnel will not be established (anymore) if it ever gets deleted by one side, a fatal error is encountered or it can not be established in the first place. On 14.09.2017 12:23, Eric Germann wrote: > I’ve

Re: [strongSwan] 24/7/365 tunnel?

2017-09-14 Thread Eric Germann
I’ve found auto=route to be much more stable in AWS. Spins up when it’s down but needed and starts passing traffic. EKG > On Sep 14, 2017, at 6:21 AM, Turbo Fredriksson wrote: > > I’ve been playing with: > >type=tunnel >auto=start >dpdaction=restart >dpddelay=2400s > > which

Re: [strongSwan] 24/7/365 tunnel?

2017-09-14 Thread Turbo Fredriksson
I’ve been playing with: type=tunnel auto=start dpdaction=restart dpddelay=2400s which never worked. I’ve now changed this to: type=tunnel auto=start dpdaction=restart dpddelay=10 dpdtimeout=60 and so far so good. Although I haven’t waited long enough, so I’m

Re: [strongSwan] Strongswan. Address definition/Routing.

2017-09-14 Thread Aleksey Kravchenko
Hello, Noel. Thanks for the answer. Unfortunately, there is no way to bypass. As a solution we can use the second white IP for Strongswan, and the web server on the 1st IP. 2017-09-13 22:17 GMT+03:00 Noel Kuntze < noel.kuntze+strongswan-users-ml@thermi.consulting>: > Hi, > > That is because Window

Re: [strongSwan] strongswan not picking up traffic

2017-09-14 Thread Chengcheng Fu
Hi, After I manually bring up the tunnel from the spoke side, it has started working. "ipsec up host-host". But is this normal?? Regards, Terry On Sep 13, 2017, at 07:12 PM, Chengcheng Fu wrote: Hi, The GRE tunnel is working on its own, it's like Strongswan is not even aware of it's happening, and not try