[strongSwan] Dynamic client hangs up randomly.

Gary Smith gary.smith at holdstead.com
Sat Mar 5 07:48:27 CET 2011


Ping 

> -----Original Message-----
> From: users-bounces+gary.smith=holdstead.com at lists.strongswan.org
> [mailto:users-bounces+gary.smith=holdstead.com at lists.strongswan.org] On Behalf
> Of Gary Smith
> Sent: Wednesday, March 02, 2011 11:14 AM
> To: 'strongSwan user list'
> Subject: [strongSwan] Dynamic client hangs up randomly.
> 
> I use the work randomly, but I think it was around midnight this time. It
> happened other times during the day last week.
> 
> This is my home office that had connections to all 3 segments of the 3 segment
> ipsec cloud. The cloud itself is working flawlessly now (after migrating the
> final openswan to strongSwan). On the home office when I do an ipsec start, the
> tunnels come up just fine. At some point they can no longer talk to the 3
> segment vpn servers and it just stops. I'm not sure why. Last night it appared
> to happen at around midnight, so I thought I'd look at that as a possible
> trigger. The home office is on a dynamic IP which hasn't changed in several
> months (since I logged it last -- maybe a year+).
> 
> Here is the dump from the log file where it actually dies:
> 
> Mar  2 00:03:20 charon: 03[KNL] creating rekey job for ESP CHILD_SA with SPI
> ca7282eb and reqid {5}
> Mar  2 00:03:20 charon: 06[IKE] establishing CHILD_SA fre-ben{5}
> Mar  2 00:03:20 charon: 06[IKE] establishing CHILD_SA fre-ben{5}
> Mar  2 00:03:20 charon: 06[ENC] generating CREATE_CHILD_SA request 4 [
> N(REKEY_SA) SA No TSi TSr ]
> ... First sending/retrans happens right after rekey 00:03:20
> Mar  2 00:04:49 hsbenfiw01 charon: 13[IKE] retransmit 5 of request with message
> ID 4
> Mar  2 00:04:49 hsbenfiw01 charon: 13[NET] sending packet: from HOMEOFFICE[500]
> to REMOTENETWORK[500]
> Mar  2 00:06:05 charon: 03[KNL] creating delete job for ESP CHILD_SA with SPI
> ccdb20b0 and reqid {5}
> Mar  2 00:06:05 charon: 12[IKE] giving up after 5 retransmits
> Mar  2 00:06:05 vpn: - ...
> Mar  2 00:06:05 charon: 12[KNL] received netlink error: No such process (3)
> Mar  2 00:06:05 charon: 12[KNL] unable to delete SAD entry with SPI ccdb20b0
> 
> What's my best course at this time?
> 
> Gary Smith
> 
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users




More information about the Users mailing list