Tom Hsiung

16:07 strongSwan Issue #3494: How to create self CA and public key in encryption algorithms of ECDSA 521: Just forgot to change the RSA to ECDSA.
Not it works.
However, I want to switch site2site certificates from RSA...
15:03 strongSwan Issue #3494: How to create self CA and public key in encryption algorithms of ECDSA 521: OK.
Now it says,...
13:16 strongSwan Issue #3494 (Feedback): How to create self CA and public key in encryption algorithms of ECDSA 521: I created ECDSA private via:...

13:56 strongSwan Issue #3487 (Feedback): pkcs12 failed - No certificate matches private key: Hello,
Last week I tried to set up a new strongswan server on my Google Cloud VMs. But during the public key set u...

18:32 strongSwan Issue #3464 (Feedback): Is it safe to upgrade from Ubuntu 18.04 TLS to 20.04 TLS: Hello,
I just learned that Ubuntu 20.04 TLS had been released. However, some strongswan plugins has been removed f...

15:02 strongSwan Issue #3369: Possible to set size limit for UDP packet because of double encapsulation: Thanks. But I intend to use two-layer encapsulation, just for fun. Yep, I fixed the issue for TCP packets, quite easy...

08:57 strongSwan Issue #3369: Possible to set size limit for UDP packet because of double encapsulation: Yep, lowering the MTU of the outgoing interface is a good method. But I have macOS and iOS native IKEv2 clients softw...
07:39 strongSwan Issue #3369 (Feedback): Possible to set size limit for UDP packet because of double encapsulation: Dear, everyone
The native IKEv2 IPsec kernel would use an MTU of 1400 bytes. So after first layer of encapsulation...

12:12 strongSwan Issue #3314: VPN connection dropped after overnight: Can I use the iOS's DPD (once every a minute) to maintain NAT mapping?
Tom
11:10 strongSwan Issue #3317 (New): Two directions potential NAT conflict in site to site mode: As shown in the photo, site 2 site mode could be initialized from each side.
Goal: to use iptables to custom the p...

Also available in: Atom

strongSwan