On Sat, 23 Jun 2018, D. Hugh Redelmeier wrote:
| > Which notification error type? Maybe some XAUTH draft spells this
| > out. Failing that, RFC 2408 specifies 26 for ADDRESS-NOTIFICATION but
| > doesn't seem to suggest when it might be used or what it means.
| > Googling only gets me obsolete drafts. We don't currently generate
| > it.
|
| I guess there is INTERNAL_ADDRESS_FAILURE (36) or TEMPORARY_FAILURE (43)
|
| Note that according to RFC 7296, the first must result in the IKE SA
| being established while the second one does not.
This situation is IKEv1 and those codes are for IKEv2. Too bad.
Ahh oops.
Yeah ADDRESS-NOTIFICATION is defined in RFC 2408 but with zero
explanation of what it is supposed to mean. I would not use it.
So maybe use the good old NO_PROPOSAL_CHOSEN fallback?
Paul
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
