See https://github.com/libreswan/libreswan/issues/221
Currently:
- if local connection has mobike=yes but kernel support disabled -> fail
to load the connection. IPsec tunnel fails
- if local connection has mobike=yes but IKE negotiation resulted in
peer not supporting mobike -> succeeds connection but without mobike
The question is whether in the first case, we shouldn't really just
setup the connection but without mobike, perhaps log a big warning?
What do people prefer? Close 221 without changes and keep current
situation, or change code to allow loading the connection and bringing
it up without mobike ?
Paul
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
