[Swan] RFC-5998 confusion, was Re: Failed to match authenticator
Paul Wouters
paul at nohats.ca
Mon Jan 30 02:41:20 UTC 2017
On Fri, 20 Jan 2017, Yaron Sheffer wrote:
>> Then what would be the point of the responder adding an AUTH payload in
>> the response that 5998 tells us to do? That was supposed to be the
>> "fallback" as far as I understood?
>
> The AUTH payload in message #4 is exactly what the responder should send in a
> standard IKEv2+EAP exchange (IKEv2 sec. 2.16).
Thanks, I read up on the section, and understand now how an AUTH payload
can be returned without having received one.
Paul
More information about the Swan
mailing list