Hi Tobias, Thank you for the answer.
So same scenario should be working with Ike-v2. I will use IKEv2 for same scenario. Thanks Yogesh On Thu, Jan 17, 2019 at 7:52 PM Tobias Brunner <tob...@strongswan.org> wrote: > Hi Yogesh, > > > I have two ends of site to site VPN where both are configured with > > strongswan and version IKEv1. > > Please use IKEv2 if you have strongSwan on both sides, no reason to use > a deprecated protocol. > > > Is it normal behavior of strongswan, that we can establish only one > > tunnel at a time on the same machine using same certificate(RSA) ? > > Or what is the expected behavior in this case ? > > Yes, this is the default behavior, a single IKE_SA per pair of > identities. Have a look at the uniqueids option (or unique in > swanctl.conf). > > Regards, > Tobias > -- Best Regards, Yogesh Purohit