<html>

  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">

  </head>

  <body>

    <p>Good morning all,</p>

    <p>I have a Ubuntu server 20.04 with two Strongswan connections. One

      is fine and up all the time. The second is a copy of the first

      config with other IP addresses and an other secret and is all the

      time connecting even it has already established one connection

      working. Found one person that had something similar witch had

      something to do with set dpdaction and closeaction but after a few

      tries didn't get result and bringing down the connection all the

      time gave to much interruptions for the client. So basically i

      have a working connection and only get interruptions when it is

      being reestablished.</p>

    <p>Hope someone can tell me what i am doing wrong or if this is a

      problem at the other end or can me give me some pointers to

      debugging.<br>

    </p>

    <p>===== Conn1 ====<br>

      conn Conn1<br>

       left=31.3.111.111<br>

       right=77.94.111.111<br>

       leftsubnet=10.33.3.0/24<br>

       rightsubnet=172.31.1.0/24<br>

       ike=aes256-sha1-modp1024<br>

       keyexchange=ikev2<br>

       reauth=no<br>

       ikelifetime=86400s<br>

       compress=no<br>

       authby=secret<br>

       esp=aes256-sha1-modp1024<br>

       type=tunnel<br>

       auto=start<br>

       keyingtries=%forever<br>

       dpdaction=restart<br>

       closeaction=restart</p>

    <p><br>

      ===== ipsec.secrects =====<br>

      # This file holds shared secrets or RSA private keys for

      authentication.<br>

      <br>

      # RSA private key for this host, authenticating it to any other

      host<br>

      # which knows the public part.<br>

      <br>

      %any 77.94.111.111 : PSK "<sec1>"<br>

      %any 90.145.222.222 : PSK "<sec2>"<br>

    </p>

    <p><br>

    </p>

    <p>Output from <i>sudo ipsec status<br>

        =========================</i><br>

      <br>

      Security Associations (2 up, 670 connecting):<br>

          Conn1[2466]: ESTABLISHED 16 minutes ago,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1{5461231}:  INSTALLED, TUNNEL, reqid 637, ESP SPIs:

      c1f5asdf_i 725asdf_o<br>

          Conn1{5461231}:   10.33.3.0/24 === 172.31.1.0/24<br>

          Conn1[2464]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2460]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2457]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2455]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

        OtherConnection[2454]: ESTABLISHED 6 hours ago,

      31.3.111.111[31.3.111.111]...90.145.222.222[90.145.222.222]<br>

        OtherConnection{5459235}:  INSTALLED, TUNNEL, reqid 634, ESP

      SPIs: c38asdff_i c919asdf_o<br>

        OtherConnection{5459235}:   10.33.3.0/24 === 100.222.222.0/21<br>

          Conn1[2451]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2447]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2440]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2439]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2437]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2434]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2432]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2430]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2429]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2426]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2425]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2422]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2421]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2418]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2412]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2411]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

          Conn1[2409]: CONNECTING,

      31.3.111.111[31.3.111.111]...77.94.111.111[77.94.111.111]<br>

      ============================<br>

    </p>

    <pre class="moz-signature" cols="72">-- 

Met vriendelijke groet,

Ben</pre>

  </body>

</html>