Hi, Thinking it might be something with my earlier config, I created a simple one-liner:
ikev2 esp from 172.16.1.2 to 172.16.1.3 However iked does not appear to be sending out any packets ? Which I thought would be the case in its default active mode ? It seems to just load the config and then sit there doing nothing ? $ doas iked -dvvv ikev2 "policy1" passive esp inet from 172.16.1.2 to 172.16.1.3 local 172.16.1.2 peer 172.16.1.3 ikesa enc aes-256,aes-192,aes-128,3des prf hmac-sha2-256,hmac-sha1 auth hmac-sha2-256,hmac-sha1 group modp2048,modp1536,modp1024 childsa enc aes-256,aes-192,aes-128 auth hmac-sha2-256,hmac-sha1 lifetime 10800 bytes 536870912 rfc7427 /etc/iked.conf: loaded 1 configuration rules ca_privkey_serialize: type ECDSA length 171 ca_pubkey_serialize: type ECDSA length 124 config_getpolicy: received policy config_getpfkey: received pfkey fd 3 config_getcompile: compilation done config_getsocket: received socket fd 4 config_getsocket: received socket fd 5 config_getsocket: received socket fd 6 config_getsocket: received socket fd 7 config_getmobike: no mobike ca_privkey_to_method: type ECDSA method ECDSA_384 ca_getkey: received private key type ECDSA length 171 ca_getkey: received public key type ECDSA length 124 ca_dispatch_parent: config reset ca_reload: local cert type ECDSA config_getocsp: ocsp_url none ikev2_dispatch_cert: updated local CERTREQ type ECDSA length 0
