Hi,

I was going through the features of osmoepdg solution and thought to ask few questions regarding the implementations.

1. In most of deployment tunnel authentication is bypassed. So, even if UE send CERTREQ, it is getting ignored at ePDG. ePDG also doesn't send anything to UE.
Do you have any idea of how to implement that in strongswan or have you explored that earlier? I saw that in 3gpp 33.402 and RFC 5996, certificate things are optional.

However, I know that strongswan authentication is tightly coupled, so just trying understand if you have already bypass it by doing any changes in strongswan or atleast know how it should be done.

2. There are many error and status codes written in ePDG standard 24.302 clause 8. Have you mapped all EPC core error to corresponding IKEv2 error or status codes?