[strongSwan] virtual IP assignement fails if previous tunnel not properly shutdown
Benoit Foucher
benoit at bittrap.com
Thu Dec 2 12:51:22 CET 2010
Thanks for your help. I'll upgrade to 4.5.0.
Cheers,
Benoit.
On Dec 2, 2010, at 12:07 PM, Martin Willi wrote:
>
>> My pool is already quite large and has many addresses available.
>
> The memory pool in 4.4.1 is limited to a single IP for each ID. This has
> been fixed with 4.5.0, where you can assign multiple leases to the same
> identity. Upgrading your server to 4.5.0 should fix the problem.
>
>> Do you know when strongSwan detects that the tunnel is dead and
>> releases the lease for the IP otherwise?
>
> Depends on your configuration, ~2min after the server initiates an
> exchange on this connection. This exchange might be triggered by a
> rekey, or can be enforced with DPD checks (man ipsec.conf for dpd).
>
> Regards
> Martin
>
More information about the Users
mailing list