added new features
This commit is contained in:
parent
0e3073608d
commit
3eac4dfdda
20
NEWS
20
NEWS
|
@ -1,10 +1,30 @@
|
||||||
strongswan-4.1.6
|
strongswan-4.1.6
|
||||||
----------------
|
----------------
|
||||||
|
|
||||||
|
- Since some third party IKEv2 implementations run into
|
||||||
|
problems with strongSwan announcing MOBIKE capability per
|
||||||
|
default, MOBIKE can be disabled on a per-connection-basis
|
||||||
|
using the mobike=no option. Whereas mobike=no disables the
|
||||||
|
sending of the MOBIKE_SUPPORTED notification and the floating
|
||||||
|
to UDP port 4500 with the IKE_AUTH request even if no NAT
|
||||||
|
situation has been detected, strongSwan will still support
|
||||||
|
MOBIKE acting as a responder.
|
||||||
|
|
||||||
|
- the default ipsec routing table plus its corresponding priority
|
||||||
|
used for inserting source routes has been changed from 100 to 220.
|
||||||
|
It can be configured using the --with-ipsec-routing-table and
|
||||||
|
--with-ipsec-routing-table-prio options.
|
||||||
|
|
||||||
- the --enable-integrity-test configure option tests the
|
- the --enable-integrity-test configure option tests the
|
||||||
integrity of the libstrongswan crypto code during the charon
|
integrity of the libstrongswan crypto code during the charon
|
||||||
startup.
|
startup.
|
||||||
|
|
||||||
|
- the --disable-xauth-vid configure option disables the sending
|
||||||
|
of the XAUTH vendor ID. This can be used as a workaround when
|
||||||
|
interoperating with some Windows VPN clients that get into
|
||||||
|
trouble upon reception of an XAUTH VID without eXtended
|
||||||
|
AUTHentication having been configured.
|
||||||
|
|
||||||
- ipsec stroke now supports the rereadsecrets, rereadaacerts,
|
- ipsec stroke now supports the rereadsecrets, rereadaacerts,
|
||||||
rereadacerts, and listacerts options.
|
rereadacerts, and listacerts options.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue