Hi, I have sent this earlier, but haven't received a reply. Anyone got an idea on why this behaviour is seen... Or should I raise a bug report ?
"As I understood from the docs, if one uses "uniqueids=keep" in the "config setup" section of the ipsec.conf file, strongswan should send the INIT_CONTACT message with the first IKE_AUTH request sent to the peer. But, I also see that if I use "rightid=%any" in the same ipsec.conf file in the "conn" section, this INIT_CONTACT is NOT being sent with IKE_AUTH request. It's only if I use a more specific selector in the rightid parameter that INIT_CONTACT is being sent with IKE_AUTH request when bringing the connection up. What is the reason for this ? Is it the expected behaviour ?" Thanks again. Regards, Marko. On Wed, Nov 9, 2016 at 4:04 PM Marko Burazin <[email protected]> wrote: > Hi, > > As I understood from the docs, if one uses "uniqueids=keep" in the "config > setup" section of the ipsec.conf file, strongswan should send the > INIT_CONTACT message with the first IKE_AUTH request sent to the peer. > > But, I also see that if I use "rightid=%any" in the same ipsec.conf file > in the "conn" section, this INIT_CONTACT is NOT being sent with IKE_AUTH > request. It's only if I use a more specific selector in the rightid > parameter that INIT_CONTACT is being sent with IKE_AUTH request when > bringing the connection up. > > What is the reason for this ? Is it the expected behaviour ? > > Thanks in advance. > > Regards, > Marko. >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
