I have a rather silly problem, which comes of strongSwan's pluto being too efficient ;)
When I initiate a connection, such that I start phase 2 immediately after completing phase 1, pluto transmits the phase 2 start packet to the peer (a Cisco that I have no control over) so fast that the peer isn't ready for it. It seems to treat this situation as an attack of some sort, and deletes the phase 1 that was just negotiated. I have found two ways to work around this, both of which are ugly: - set plutodebug=all. This makes pluto slow enough that it won't outrun the peer, but fills my logs with stuff I don't want to read. It's also very delicate - if I had a faster machine, it probably still wouldn't be slow enough. - add a 1 second sleep in quick_outI1 as a "speed bump". I don't feel right submitting such a patch as a feature request, as it feels like a dirty hack. Is there any other way to slow pluto down? What should I do? _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
