Hi All,
I am using LOAD setup of strongswan as client for EAP_AKA scenario and
getting a couple of issues.
1. I am able to get the call established. But the problem is child SA rekey
is not getting started (i cannot see CREATE_CHILD_SA messages going out)
from strongswan on the other hand IKE SA rekey is working fine.
2. When i am initiating ping with newly assigned virtual IP then ESP
packets are not going out.
strongswan.conf that i am using :
charon {
filelog {
/var/log/charon.log {
ike_name = yes
default = 4
}
}
reuse_ikesa = no
plugins {
load-tester {
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce
x509 curl revocation hmac stroke kernel-netlink socket-default fips-prf
eap-identity eap-aka eap-aka-3gpp2 updown
enable = yes
initiators = 1
iterations = 1
delay =
fake_kernel = yes
responder = 172.19.21.249
proposal = aes128-sha1-modp1024
initiator_auth = eap
responder_auth = pubkey
initiator_id = [email protected]
responder_id = moon.strongswan.org
proposal = aes128-sha1-modp1024
request_virtual_ip = yes
ike_rekey = 50
child_rekey = 30
delete_after_establishment = no
shutdown_when_complete = no
}
}
#integrity_test = yes
}
Can anyone suggest me solution for above issues.
Thanks in advance.
Regards,
Sunny
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
