[Swan] multiple child SA

Paul Wouters paul at nohats.ca
Fri Sep 4 12:54:00 UTC 2020

On Fri, 4 Sep 2020, Mehboob Ansari wrote:

> Please provide information on how to use below parameters in Ipsec.
> 1. extended sequence number (esn )

Add esn=yes. probably also tweak replay-window= to 256 or 1024 ?


> 2. IPsecRekeylifetimeTime.

Add salifetime=

> 3. PLMNID in IKESA Table, how to validate it.

Can you point to an RFC on this? I have no idea how PLMNID would be
communicated at the IKE or IPsec level.


More information about the Swan mailing list