[strongSwan] ignoring request with ID 1,already processing
ili
wangcaiyun198600 at 163.com
Wed Oct 19 12:07:42 CEST 2011
Hi,
I want to use the external dhcp function of strongswan to allocate IP to the
client,but there is always existing errors as follows:
...
localhost charon:13[IKE] peer requested virtual IP %any
localhost charon:13[IKE] sending DHCP DISCOVER to 10.10.10.20
localhost last message repeated 2 times
localhost charon:09[MGR] ignoring request with ID 1,already processing
localhost charon:13[CFG] sending DHCP DISCOVER to 10.10.10.20
localhost charon:13[IKE] sending DHCP DISCOVER to 10.10.10.20
localhost charon:05[MGR] ignoring request with ID 1,already processing
localhost charon:13[CFG] DHCP DISCOVER timed out
localhost charon:13[CFG] acquiring address from pool 'dhcp'failed
localhost charon:13[CFG] no virtual IP found,sending INTERNAL_ADDRESS_FAILURE
localhost charon:13[CFG] configuration payload negotiation failed,no CHILD_SA
built
...
10.10.10.20 is my SecGW's IP.
Is the problem of dhcpd.conf or strongswan.conf ?
The strongswan.conf :
charon{
...
plugins{
...
dhcp
{
server = 10.10.10.20
}
...
}
my dhcpd.conf is:
ddhs-update-style none;
ignore client-updates;
share-network LOCAL{
subnet 10.10.10.0 netmask 255.255.255.0{
}
subnet 127.0.0.0 netmask 255.0.0.0{
}
subnet 10.2.0.0 netmask 255.255.0.0{
}
pool{
option routers 10.2.0.1;
max-lease-time 66666;
range 10.2.0.10 10.2.0.100;
}
}
my client's ipsec.conf:
conn AU
left=10.10.10.204
...
right=10.10.10.20
...
my SecGW's ipsec.conf:
conn SecGW
left =10.10.10.20
...
leftsubnet=10.1.0.0/16
rightsourceip=%dhcp
...
I will appreciate your help!
More information about the Users
mailing list