[Openswan Users] "IPsec SA established" but ESP onlt in one
direction
Herbert Xu
herbert at gondor.apana.org.au
Fri Aug 27 21:30:44 CEST 2004
Jacco de Leeuw <jacco2 at dds.nl> wrote:
>
>> Is it possible that such identifier does not match with the
>> onr ipec is waiting for?
>
> I guess you should see error messages rejecting these packets then.
No you won't. Otherwise it'd be trivial to DoS.
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Users
mailing list