Hi,

I have a tunnel set up with strongSwan 4.5.3.

I am trying to renegotiate the SA using soft-life expiry by sending the
netlink message XFRM_MSG_EXPIRE.



Linux receives the netlink message as below:

Command: ip xfrm monitor

Expired src 192.168.67.1 dst 192.168.67.2
     proto esp spi 0x05e547c2 reqid 0 mode transport
     replay-window 0
     sel src 192.168.50.0/24 dst 192.168.51.0/24
     hard 0



The message below is also printed by strongSwan (Pluto running in debug mode):

“received a XFRM_MSG_EXPIRE”



However, I do not see any further messages which indicate an SA update or
re-negotiation happening between the two endpoints.

Even the packet capture shows the OLD SPI being used.


Is support for soft-life expiry using the netlink message XFRM_MSG_EXPIRE
working in strongSwan?



Thanks,

Digambar