[strongSwan] sendto on eth0 to IP:929 failed in main_outI1. Errno 1: Operation not permitted

Stefan Bauer stefan.bauer at cubewerk.de
Wed Dec 12 08:44:39 CET 2012

Dear Developers & Users,

We're using Linux strongSwan U4.5.1/K2.6.26-2-686f

Quite randomly - sometimes after a day, sometimes after 2 weeks a tunnel to a Bintec R3000 goes down and can not be established anymore:

vpngw01-n1:~# ipsec up customer
002 "customers" #123336: initiating Main Mode
003 ERROR: "customer" #123336: sendto on eth0 to customer-ip:929 failed in main_outI1. Errno 1: Operation not permitted
102 "customer" #123336: STATE_MAIN_I1: initiate 

Not only an ipsec down & ipsec up is restarting the tunnel. We have to do the following:

add auto=ignore to the connection
ipsec update
remove the auto=ignore
ipsec update

and only now we're able to bring up the tunnel.

Is this a known bug?
What can we do?

Please find our configuration here:


Best regards


More information about the Users mailing list