[strongSwan] Windows Vista/7 issue
Nickola Kolev
nikky at minus273.org
Thu Apr 21 15:24:48 CEST 2011
Hello guys,
Here's what I have:
Debian Lenny system, which is running strongswan 4.2.4-5+lenny3 (I know this is somewhat
old, so I've tested the setup with 4.4.1 from Squeeze and with 4.5.1 from strongswan.org
- the results are the same), along with xl2tpd 1.2.0 (tested with 1.2.7 - same results).
Besides those, there are freeradius 2.0.4+dfsg-6 and ppp 2.4.4 which take part in the
game. When Windows XP or MacOSes connect, everything is normal and connections last for
several hours without any problems. I have to use ikev1, because of the various nature of
clients, who still support only ikev1, and not v2.
Here's the problem:
When a Windows Vista or 7 connects as a client, the connection is dropped after one hour
(sometimes more, but usually exactly one hour).
Here's what I have tried:
- Tried different versions of Strongswan and XL2TPD. The situation is the same.
- Tried playing with DPD (I know that Vista and 7 do not support DPD, or at least do not
offer it during the initial negotiations). No luck.
- tried with both type=tunnel and type=transport
By playing with DPD I mean enabling dpdaction=clear (same with restart) and experimenting
with different values for dpdtimeout and dpddelay.
You can see the attached config of strongswan. I will try to get a log from such session
if needed.
Can someone suggest what am I doing wrong?
--
Best regards,
Nickola
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipsec.conf
Type: application/octet-stream
Size: 1220 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110421/5eec41b7/attachment.obj>
More information about the Users
mailing list