[strongSwan-dev] Confusion about rekeying/issue when using Radius
Harry Stark
stark.harry at yahoo.co.uk
Mon Apr 28 18:27:09 CEST 2014
Hi,
I'm using Radius to do xauth (After certificate auth so using xauth2).
It is authenticating and working great for the first connection, but if I drop the connection from the client (Roadwarrior) without doing a proper close, and then have it reconnects this happens>
1. It authenticated and connects fine
2. But it also logs this:
detected rekeying of CHILD_SA [conn profile]{1}
3. And also shows an additional entry under ipsec status:
[conn profile]{1}: REKEYING, TUNNEL, expires in 76 days
And then I don't have any Internet access at all... can't ping or get any data through the tunnel at all.
I can't seem to prevent the REKEYING - and not sure if that is the problem either?
Any ideas?
If I do the same setup without the Radius and just use xauth-noauth for the last step then everything runs well.
H.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20140428/b4af73d8/attachment-0001.html>
More information about the Dev
mailing list