Hi Tobias, Thanks for the answer.
I thought that somehow the peer identity is stored internally in the client after the peer responds... Considering what you said, why then if I use a rightid parameter like this: rightid="C=*, ST=*, O=*, OU=*, CN=*" using wildcards does indeed result in sending the INIT_CONTACT in the IKE_AUTH request... Shouldn't the same apply when you use wildcards then ? Because in this case also is not determined on what the exact peer identity is, but still the INIT_CONTACT is being sent...? Regards, Marko. On Mon, Nov 14, 2016 at 11:40 AM Tobias Brunner <[email protected]> wrote: > Hi Marko, > > > What is the reason for this ? Is it the expected behaviour ? > > Yes, how could the client know that this is the first IKE_SA with the > peer if it doesn't know the peer's identity (rightid=%any)? > > Regards, > Tobias > >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
