Project

General

Profile

Issue #3439

Difference in behavior of AH and ESP protocol IPSEC IKEV2 connection is is ended

Added by Sowmya Pola 5 months ago. Updated 5 months ago.

Status:
Feedback
Priority:
Normal
Assignee:
-
Category:
configuration
Affected version:
5.8.4
Resolution:

Description

Hi Team,

When I established two different IPSEC connections with AH and ESP protocols, I could see that when IPSEC connection is ended when lifetime is expired, in AH case the connection is still up but no packet flow whereas in ESP case the connection is ended.

Could you please explain us why there is a discrepancy in the behavior of these protocols.

Please find more information as an attachment.

Thanks & Regards,
Sowmya Pola.

AH_rekeying.txt (6.33 KB) AH_rekeying.txt Sowmya Pola, 08.05.2020 09:34
ESP_rekeying.txt (4.73 KB) ESP_rekeying.txt Sowmya Pola, 08.05.2020 09:34

History

#1 Updated by Tobias Brunner 5 months ago

  • Category set to configuration
  • Status changed from New to Feedback

Your rekey settings are invalid (look at all the negative numbers in the log). Please refer to ExpiryRekey for details.

Also available in: Atom PDF