On 23.03.2017 11:34, Hoggins! wrote: > - shouldn't the client try to reestablish a connexion if DPD shows > that there is no answer, like... quite fast ?
Depends on the retransmission settings it uses. > - couldn't the "new" server just say to the client "back off man, I > don't know your SAs, please just reauth with me, and we'll see what we > can do" ? Maybe. I don't know if there's something in the RFCs about that. However, any message would be unauthenticated, so the client would probably ignore it. -- Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
