[strongSwan-dev] Connections deleted and no DPD

James Hulka jah at open.ch
Mon Aug 5 09:39:29 CEST 2013


Hello strongSwan team,

I have encountered the following situation which I do not understand:

site2site VPN between 2 hosts on 2 separate lines

host A eth0 <-- --> host B eth0
host A eth2 <-- --> host B eth2

Normally both tunnels are up and functioning; however, on the 1st of
August the eth0 tunnel went down and did not come back up. In syslog on
both hosts I see the following:

Aug  1 14:00:07 charon: 09[IKE] IKE_SA A_eth0[94464] established between A.A.A.A [A.A.A.A] ... B.B.B.B [B.B.B.B]
Aug  1 14:00:07 charon: 12[IKE] deleting IKE_SA A_eth0[94464] between A.A.A.A [A.A.A.A]... B.B.B.B [B.B.B.B]
Aug  1 14:00:07 charon: 12[IKE] IKE_SA A_eth0[94459] established between A.A.A.A [A.A.A.A]... B.B.B.B [B.B.B.B]
Aug  1 14:00:08 charon: 16[IKE] deleting IKE_SA A_eth0[94459] between A.A.A.A [A.A.A.A]... B.B.B.B [B.B.B.B]

After this point DPD never kicks in (syslog has no entries for this
tunnel). I assume this is because strongSwan thinks the tunnel was
removed on purpose. The tunnel remained down until it was added again by
hand.

I am curious as to any ideas why the tunnel was removed and not
re-initiated.

Thank you for any help,

James
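
A syslog check that surfaces the state described in this message, given as an added example (not part of the original post and not strongSwan code): it pairs "established" and "deleting" IKE_SA events per connection and reports connections left with no live IKE_SA. The sample lines are constructed from the excerpt above; the A_eth2 entries and the function name are assumptions.

```python
import re

# Constructed sample modelled on the excerpt in the post, one entry per line.
# The A_eth2 entries are invented for contrast; none of this is real log data.
SAMPLE_LOG = """\
Aug  1 13:58:41 charon: 11[IKE] IKE_SA A_eth2[94460] established between A.A.A.A[A.A.A.A]...B.B.B.B[B.B.B.B]
Aug  1 14:00:07 charon: 09[IKE] IKE_SA A_eth0[94464] established between A.A.A.A[A.A.A.A]...B.B.B.B[B.B.B.B]
Aug  1 14:00:07 charon: 12[IKE] deleting IKE_SA A_eth0[94464] between A.A.A.A[A.A.A.A]...B.B.B.B[B.B.B.B]
Aug  1 14:00:07 charon: 12[IKE] IKE_SA A_eth0[94459] established between A.A.A.A[A.A.A.A]...B.B.B.B[B.B.B.B]
Aug  1 14:00:08 charon: 16[IKE] deleting IKE_SA A_eth0[94459] between A.A.A.A[A.A.A.A]...B.B.B.B[B.B.B.B]
Aug  1 14:02:10 charon: 05[IKE] deleting IKE_SA A_eth2[94455] between A.A.A.A[A.A.A.A]...B.B.B.B[B.B.B.B]
"""

# Matches the two charon [IKE] messages shown in the post:
#   "IKE_SA <conn>[<id>] established between ..."
#   "deleting IKE_SA <conn>[<id>] between ..."
EVENT = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) .*?\[IKE\] "
    r"(?P<deleting>deleting )?IKE_SA (?P<conn>[\w.-]+)\[(?P<id>\d+)\]"
    r"(?P<established> established)?"
)


def connections_without_live_sa(lines):
    """Return {connection: timestamp of last deletion} for every connection
    whose IKE_SAs seen in the log have all been deleted.

    Hypothetical helper. It is only as accurate as the log window: an IKE_SA
    established before the first line is invisible to it.
    """
    live = {}         # connection name -> set of IKE_SA ids still up
    last_delete = {}  # connection name -> timestamp of the latest deletion
    for line in lines:
        m = EVENT.search(line)
        if not m:
            continue
        ids = live.setdefault(m["conn"], set())
        if m["deleting"]:
            ids.discard(m["id"])  # tolerate SAs established before the window
            last_delete[m["conn"]] = m["ts"]
        elif m["established"]:
            ids.add(m["id"])
    return {c: last_delete[c] for c, ids in live.items()
            if not ids and c in last_delete}


if __name__ == "__main__":
    for conn, ts in connections_without_live_sa(SAMPLE_LOG.splitlines()).items():
        print(f"{conn}: no IKE_SA left since {ts}")
```
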



