ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

swanctl.conf: IKEv2 fragmentation supported

This commit is contained in:
Andreas Steffen 2016-01-09 00:06:12 +01:00
parent 1990eeebfe
commit e333d4c0f1
1 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/swanctl/swanctl.opt
View File

@ -140,14 +140,15 @@ connections.<conn>.dpd_timeout = 0s
specified; this option has no effect on connections using IKE2. specified; this option has no effect on connections using IKE2.
connections.<conn>.fragmentation = no connections.<conn>.fragmentation = no
Use IKEv1 UDP packet fragmentation (_yes_, _no_ or _force_). Use IKE UDP datagram fragmentation. (_yes_, _no_ or _force_).
The default of _no_ disables IKEv1 fragmentation mechanism, _yes_ enables Use IKE fragmentation (proprietary IKEv1 extension or RFC 7383 IKEv2
it if support has been indicated by the peer. _force_ enforces fragmentation). Acceptable values are _yes_, _force_ and _no_ (the
fragmentation if required even before the peer had a chance to indicate default). Fragmented IKE messages sent by a peer are always accepted
support for it. irrespective of the value of this option. If set to _yes_, and the peer
supports it, oversized IKE messages will be sent in fragments. If set to
IKE fragmentation is currently not supported with IKEv2. _force_ (only supported for IKEv1) the initial IKE message will already
be fragmented if required.
connections.<conn>.send_certreq = yes connections.<conn>.send_certreq = yes
Send certificate requests payloads (_yes_ or _no_). Send certificate requests payloads (_yes_ or _no_).