Re: [strongSwan] turning off ikev1 reauthentication initiation from responder

Noel Kuntze Tue, 25 Aug 2015 09:26:53 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Am 25.08.2015 um 06:46 schrieb SM K:
>
> Is there a way to turn off IKEv1 reauthentication from strongswan when it is 
> a responder? We tried using reauth=no, but it does not work as expected.
>
rekey=no
reauth=no


Make sure you upgraded the firmware on the Juniper to a recent version.
Older versions of the SRX's firmware had broken IPsec implementations.
If the problem persists with a newer firmware, then it's probably another 
broken implementation
on the juniper side. Also make sure you use a recent version of strongSwan.

- -- 

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJV3JbtAAoJEDg5KY9j7GZY0vcP/39FJqU1qHUiLZo/5V6ayXoz
pZZESOGBWTxWzwubfnh/L7XSFsnZ1d1NgQxhYDUVI0/n/2dVBwwd5H4zsIPs8Dzr
3fvCiMwKn/d/lhPWBkgDcXsmKvqeAfCh3RttbnwahcakVrrAizVyt9H/+uGQKn60
nT98PrzeDc8+kFTg8o/FTMK5LIYnOT1Icxj3aC5c6TlFMrkitj15LLk3roY8w1wn
aaGBV1HeED2PyNSm4MRUnfKVtAVpCnmPud38Tinvd5J3qLUyipdGb7XIB0dCocBr
SCxDCwBvG7ZFx5spRJTUk0mms0EWQ4SUQ0M+f1B47q9Q9OkgqgEE7sk23N5pn2ug
VyF3VmNeyl9C7JSttRIWqLk/aXCCtUyTAJ9O4IhrHEWu9SL5H+N2Qt3Q2YVoU1aa
0oV5nyT8QCr7oMdELHgiwM8UvDneuZSvQyH2yHT9LHCXlzJk1HkC0oaMDyL8PkUN
mni+ecOOhU4a++HUoQBRr06op7sxEFUd4/8DPziSQkuIVB6Cy+776Djhly8GWzUu
k+3mqx/K0zQg0B6C4MPpXJe4czuZ4aL0Rh6BB0JSarJxRih7YnG6OZJPlX2EPJvv
H8e5muVkzH4hpbXxxHdzsK4r+N7qCoDhQyOF3fGV9gNTyq21rrppPgtNbaXomhhb
K/Tkzjr/OzHV4gtp+tQ+
=xqnk
-----END PGP SIGNATURE-----

_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] turning off ikev1 reauthentication initiation from responder

Reply via email to