[strongSwan] Problems with IKEv1 Dead-Peer-Detection in 5.0.1

Dmitry Korzhevin dmitry.korzhevin at stidia.com
Tue Oct 23 11:47:16 CEST 2012


Hello,

After update to 5.0.1 i have some problems with mac os users from client 
side.

Strange messages in log from client side:

23/10/12 11:44:00,857 racoon[1625]: IKE Packet: transmit success. 
(Information message).
23/10/12 11:44:00,857 racoon[1625]: IKEv1 Information-Notice: transmit 
success. (R-U-THERE?).
23/10/12 11:44:00,857 racoon[1625]: IKEv1 Dead-Peer-Detection: request 
retransmitted. (Initiator DPD Request).
23/10/12 11:44:05,860 racoon[1625]: IKE Packet: transmit success. 
(Information message).
23/10/12 11:44:05,860 racoon[1625]: IKEv1 Information-Notice: transmit 
success. (R-U-THERE?).
23/10/12 11:44:05,860 racoon[1625]: IKEv1 Dead-Peer-Detection: request 
retransmitted. (Initiator DPD Request).
23/10/12 11:44:10,863 racoon[1625]: IKE Packet: transmit success. 
(Information message).
23/10/12 11:44:10,863 racoon[1625]: IKEv1 Information-Notice: transmit 
success. (R-U-THERE?).
23/10/12 11:44:10,863 racoon[1625]: IKEv1 Dead-Peer-Detection: request 
retransmitted. (Initiator DPD Request).
23/10/12 11:44:15,866 racoon[1625]: IKE Packet: transmit success. 
(Information message).
23/10/12 11:44:15,866 racoon[1625]: IKEv1 Information-Notice: transmit 
success. (R-U-THERE?).
23/10/12 11:44:15,866 racoon[1625]: IKEv1 Dead-Peer-Detection: request 
retransmitted. (Initiator DPD Request).
23/10/12 11:44:20,870 racoon[1625]: IKEv1 Dead-Peer-Detection: maximum 
retransmits. (DPD maximum retransmits).
23/10/12 11:44:20,872 configd[17]: IPSec Controller: IKE FAILED. phase 
6, assert 0
23/10/12 11:44:20,873 configd[17]: IPSec disconnecting from server 
176.9.1.119
23/10/12 11:44:20,876 racoon[1625]: IPSec disconnecting from server 
176.9.1.119
23/10/12 11:44:20,876 racoon[1625]: IKE Packet: transmit failed. 
(Information message).
23/10/12 11:44:20,876 racoon[1625]: IKEv1 Information-Notice: transmit 
failed. (Delete IPSEC-SA).
23/10/12 11:44:20,899 racoon[1625]: IPSec disconnecting from server 
176.9.1.119

Connection config:

conn ios
         dpdaction = none
         authby=xauthpsk
         xauth=server
         left=176.9.1.119
         leftsubnet=0.0.0.0/0
         leftfirewall=yes
         right=%any
         rightsubnet=0.0.0.0/0
         rightsourceip=10.2.0.0/24
         auto=add

Full clients log: http://dpaste.com/817048/

I add string 'dpdaction = none', according to wiki page, to exclude dpd 
usage.

Please, advice, where better to look about this problem?


Best Regards,
Dmitry

---
Dmitry KORZHEVIN
System Administrator
STIDIA S.A. - Luxembourg

e: dmitry.korzhevin at stidia.com
m: +38 093 874 5453
w: http://www.stidia.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4488 bytes
Desc: ���������������������������������� �������������� S/MIME
URL: <http://lists.strongswan.org/pipermail/users/attachments/20121023/ab579e5f/attachment.bin>


More information about the Users mailing list