> In this case, I believe that it is always us (the client) that
> initiates rekeying. So, by proposing "aes-sha1-modp1024,aes-sha1!",
> you could say that we are giving the SeGW a choice of whether it wants
> us to perform a DH or non-DH CHILD_SA rekey ?
It should work. The client will always initiate with a KE payload. But the server may select the second proposal, and answer without the KE payload. I think this should work with newer strongSwan releases (having the mentioned patch), but I can't speak for other implementations.

> it would probably be rude for us to attempt a DH CHILD_SA rekey when
> the SeGW has indicated a preference for a non-DH one ? :-)

As long as the gateway did not initiate the rekey itself, it can't "indicate a preference". We don't know its preference until we've done a rekey. And it might change its preference, for example if it enforces a new DH exchange only after a given tunnel uptime.

Regards
Martin

_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
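The CHILD_SA rekey negotiation discussed above, as an added model (not strongSwan code and not part of the thread): the initiator offers the two proposals from the quoted `esp=` string and always sends a KE payload, while the responder picks a proposal according to its own policy and drops the KE payload when it selects the non-DH one. The responder policy (a DH exchange enforced only after a given tunnel uptime, plus a set of supported groups) and the `INVALID_KE_PAYLOAD` / `NO_PROPOSAL_CHOSEN` error paths are assumptions for illustration.

```python
"""IKEv2 CREATE_CHILD_SA (CHILD_SA rekey) proposal negotiation as described
in the thread. Added illustration, not strongSwan code; the responder policy
(force_dh_after_s, supported_groups) is a constructed assumption."""
from dataclasses import dataclass
from typing import Optional

DH_GROUPS = {"modp1024", "modp1536", "modp2048", "ecp256"}  # strongSwan esp= group names


@dataclass(frozen=True)
class Proposal:
    encr: str
    integ: str
    dh: Optional[str]  # None: no DH transform, i.e. a non-PFS rekey


def parse_esp(spec: str):
    """Parse "aes-sha1-modp1024,aes-sha1!" into proposals plus the '!' strict flag."""
    strict = spec.endswith("!")
    props = []
    for item in spec.rstrip("!").split(","):
        parts = item.split("-")
        dh = parts[2] if len(parts) > 2 and parts[2] in DH_GROUPS else None
        props.append(Proposal(parts[0], parts[1], dh))
    return props, strict


def initiator_request(props):
    """The initiator always sends a KE payload if any proposal carries a DH
    group; the KE uses the group of the first such proposal."""
    ke = next((p.dh for p in props if p.dh), None)
    return {"SA": props, "KE": ke}


def responder_select(request, uptime_s, force_dh_after_s, supported_groups):
    """Assumed responder policy: insist on a fresh DH exchange only once the
    tunnel has been up long enough, otherwise prefer the cheaper non-DH rekey."""
    want_dh = uptime_s >= force_dh_after_s
    acceptable = [p for p in request["SA"] if p.dh is None or p.dh in supported_groups]
    acceptable.sort(key=lambda p: (p.dh is None) == want_dh)  # preferred kind first
    if not acceptable:
        return {"N": "NO_PROPOSAL_CHOSEN"}
    chosen = acceptable[0]
    if chosen.dh and chosen.dh != request["KE"]:
        # RFC 7296 2.7: KE group mismatch -> INVALID_KE_PAYLOAD naming the wanted group
        return {"N": "INVALID_KE_PAYLOAD", "group": chosen.dh}
    # Non-DH proposal chosen -> the response carries no KE payload at all
    return {"SA": chosen, "KE": chosen.dh}


def rekey(spec, uptime_s, force_dh_after_s=3600, supported_groups=frozenset(DH_GROUPS)):
    props, _strict = parse_esp(spec)
    return responder_select(initiator_request(props), uptime_s, force_dh_after_s, supported_groups)
```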