[strongSwan] virtual IP assignement fails if previous tunnel not properly shutdown
martin at strongswan.org
Thu Dec 2 12:07:20 CET 2010
> My pool is already quite large and has many addresses available.
The memory pool in 4.4.1 is limited to a single IP for each ID. This has
been fixed with 4.5.0, where you can assign multiple leases to the same
identity. Upgrading your server to 4.5.0 should fix the problem.
> Do you know when strongSwan detects that the tunnel is dead and
> releases the lease for the IP otherwise?
Depends on your configuration, ~2min after the server initiates an
exchange on this connection. This exchange might be triggered by a
rekey, or can be enforced with DPD checks (man ipsec.conf for dpd).
More information about the Users