Hi,
> eNB - strongswan 5.1.3 + ALU customized patch for cert_id_binding
>
> With cert_id_binding=no, authentication fails, ("invalid IKE payload" is seen
> on the sgew)
What IKE implementation is running on the SeGW? Any more log details?
> We don't see this issue if we use strongswan 4.5.2-al4 on the eNB.
As said a few times, there are different ways how to handle that
non-upstream cert-id-binding option, and not all are compatible. The
-al4 version is more standards-compliant, but incompatible to all other
versions, including the 5.1.3 patch.
Regards
Martin
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
