[strongSwan] aborting connections since upgrading to 4.5.0
Andreas Steffen
andreas.steffen at strongswan.org
Sun Jan 23 21:24:32 CET 2011
Hello Christoph,
the only difference I'm seeing is that the peer side initiates the
IKE_SA rekeying:
01/22/11 18:02:10 05[IKE] <1> 84.16.235.61 is initiating an IKE_SA
but apparently the old IKE_SA is not that there are now two SAs.
I don't know to which IKE_SA the existing CHILD_SA is now attached
but Martin should know.
Regards
Andreas
On 23.01.2011 17:59, Christoph Anton Mitterer wrote:
> Hi
>
> I have two servers (with static IP and static connection), that have set
> up an IPsec tunnel between them using charon.
>
> Always one server initiates the connection (auto=start) and the other
> one adds it only (auto=add).
> dpdaction is also restart on the first one, and rekey=yes and reauth=no
> (as of the - still unsolved? - bug I've reported here
> https://lists.strongswan.org/pipermail/users/2010-October/005343.html)
>
> All this happens on Debian sid.
>
>
> Since I've upgraded to 4.5.0 (from 4.4.1) I now have the problem that
> after some time (below a day), the connection aborts and is not
> correctly restarted.
> (I've attached some log messages.)
>
> When I do an ipsec restart, than the connection is created again
> correctly.
>
>
> Any ideas? (If you need further data, please ask.)
>
>
> Thanks,
> Chris.
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list