Hi Martin,
Thanks for your quick response.
But then why its not showing SA as ESTABLISHED while its indeed ESTABLISHED
and working fine for IKEv1:
M1 (Octean):
IKEv1
Ipsec version:
Linux strongSwan U4.5.3/K2.6.32.60-1-lfs130202-
ci1-fct
Output:
root@172:~ ipsec status
000 conn1:
10.10.10.0/24===10.10.10.8[CN=RY110409750.nokiasiemensnetworks.comhttp://10.10.10.0/24===10.10.10.8%5BCN=RY110409750.nokiasiemensnetworks.com,
O=Nokia Siemens Networks]...10.10.10.9[10.10.10.9]===10.10.10.0/24;
erouted; eroute owner: #2
000 conn1: newest ISAKMP SA: #1; newest IPsec SA: #2;
000
000 #2: conn1 STATE_QUICK_I2 (sent QI2, IPsec SA established);
EVENT_SA_REPLACE in 12280s; newest IPSEC; eroute owner
000 #2: conn1 esp.ca76e203@10.10.10.9 (168 bytes, 11s ago)
esp.c01555e3@10.10.10.8 (168 bytes, 11s ago); tunnel
000 #1: conn1 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in
10778s; newest ISAKMP
000
*Security Associations (0 up, 0 connecting):*
none
is this a known issue and pluto daemon do not support this?
On Wed, Apr 24, 2013 at 4:24 PM, Martin Willi mar...@strongswan.org wrote:
Hi,
Linux strongSwan U4.5.3/K2.6.32.60-1-lfs130202-ci1-fct
Linux strongSwan U5.0.2/K2.6.18-128.el5
Why is there such a difference between two outputs?
strongSwan 5.x introduces a completely new implementation of the IKEv1
protocol in the charon daemon (that previously handled IKEv2 only).
4.x used a different implementation of IKEv1, the pluto daemon.
Regards
Martin
--
Anuj Aggarwal
.''`.
: :Ⓐ : # apt-get install hakuna-matata
`. `'`
`-
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
