[strongSwan] aborting connections since upgrading to 4.5.0
Christoph Anton Mitterer
calestyo at scientia.net
Sat Jan 29 16:32:27 CET 2011
Any more ideas with respect to this issue?
strongswan is pretty much unusable this way (for me)...
On Sun, 2011-01-23 at 21:24 +0100, Andreas Steffen wrote:
> Hello Christoph,
> the only difference I'm seeing is that the peer side initiates the
> IKE_SA rekeying:
> 01/22/11 18:02:10 05[IKE] <1> 126.96.36.199 is initiating an IKE_SA
> but apparently the old IKE_SA is not that there are now two SAs.
> I don't know to which IKE_SA the existing CHILD_SA is now attached
> but Martin should know.
> On 23.01.2011 17:59, Christoph Anton Mitterer wrote:
> > Hi
> > I have two servers (with static IP and static connection), that have set
> > up an IPsec tunnel between them using charon.
> > Always one server initiates the connection (auto=start) and the other
> > one adds it only (auto=add).
> > dpdaction is also restart on the first one, and rekey=yes and reauth=no
> > (as of the - still unsolved? - bug I've reported here
> > https://lists.strongswan.org/pipermail/users/2010-October/005343.html)
> > All this happens on Debian sid.
> > Since I've upgraded to 4.5.0 (from 4.4.1) I now have the problem that
> > after some time (below a day), the connection aborts and is not
> > correctly restarted.
> > (I've attached some log messages.)
> > When I do an ipsec restart, than the connection is created again
> > correctly.
> > Any ideas? (If you need further data, please ask.)
> > Thanks,
> > Chris.
> Andreas Steffen andreas.steffen at strongswan.org
> strongSwan - the Linux VPN Solution! www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5677 bytes
Desc: not available
More information about the Users