Hi Martin, Thanks for your very quick response. Can you let me know how re-authentication can be enabled? Is this an option compliant with RFC4306 because i could not find any re-authentication mechanism there. Or are you referring to RFC 4478?
Also is it supported in strongswan v4.2.8 as well? BR Sajal On Fri, Nov 14, 2014 at 4:48 PM, Martin Willi <[email protected]> wrote: > Hi Sajal, > > > If a IKEv2 tunnel is already established with a peer, then is this tunnel > > brought down automatically by strongswan > > No, the trust chain is validated during the initial tunnel setup only. > As reauthentication re-establishes the tunnel (if not disabled), the > trustchain gets re-evaluated periodically according to your ikelifetime. > > Regards > Martin > >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
