[strongSwan] Problems with IKEv1 Dead-Peer-Detection in 5.0.1
Dmitry Korzhevin
dmitry.korzhevin at stidia.com
Tue Oct 23 11:47:16 CEST 2012
Hello,
After update to 5.0.1 i have some problems with mac os users from client
side.
Strange messages in log from client side:
23/10/12 11:44:00,857 racoon[1625]: IKE Packet: transmit success.
(Information message).
23/10/12 11:44:00,857 racoon[1625]: IKEv1 Information-Notice: transmit
success. (R-U-THERE?).
23/10/12 11:44:00,857 racoon[1625]: IKEv1 Dead-Peer-Detection: request
retransmitted. (Initiator DPD Request).
23/10/12 11:44:05,860 racoon[1625]: IKE Packet: transmit success.
(Information message).
23/10/12 11:44:05,860 racoon[1625]: IKEv1 Information-Notice: transmit
success. (R-U-THERE?).
23/10/12 11:44:05,860 racoon[1625]: IKEv1 Dead-Peer-Detection: request
retransmitted. (Initiator DPD Request).
23/10/12 11:44:10,863 racoon[1625]: IKE Packet: transmit success.
(Information message).
23/10/12 11:44:10,863 racoon[1625]: IKEv1 Information-Notice: transmit
success. (R-U-THERE?).
23/10/12 11:44:10,863 racoon[1625]: IKEv1 Dead-Peer-Detection: request
retransmitted. (Initiator DPD Request).
23/10/12 11:44:15,866 racoon[1625]: IKE Packet: transmit success.
(Information message).
23/10/12 11:44:15,866 racoon[1625]: IKEv1 Information-Notice: transmit
success. (R-U-THERE?).
23/10/12 11:44:15,866 racoon[1625]: IKEv1 Dead-Peer-Detection: request
retransmitted. (Initiator DPD Request).
23/10/12 11:44:20,870 racoon[1625]: IKEv1 Dead-Peer-Detection: maximum
retransmits. (DPD maximum retransmits).
23/10/12 11:44:20,872 configd[17]: IPSec Controller: IKE FAILED. phase
6, assert 0
23/10/12 11:44:20,873 configd[17]: IPSec disconnecting from server
176.9.1.119
23/10/12 11:44:20,876 racoon[1625]: IPSec disconnecting from server
176.9.1.119
23/10/12 11:44:20,876 racoon[1625]: IKE Packet: transmit failed.
(Information message).
23/10/12 11:44:20,876 racoon[1625]: IKEv1 Information-Notice: transmit
failed. (Delete IPSEC-SA).
23/10/12 11:44:20,899 racoon[1625]: IPSec disconnecting from server
176.9.1.119
Connection config:
conn ios
dpdaction = none
authby=xauthpsk
xauth=server
left=176.9.1.119
leftsubnet=0.0.0.0/0
leftfirewall=yes
right=%any
rightsubnet=0.0.0.0/0
rightsourceip=10.2.0.0/24
auto=add
Full clients log: http://dpaste.com/817048/
I add string 'dpdaction = none', according to wiki page, to exclude dpd
usage.
Please, advice, where better to look about this problem?
Best Regards,
Dmitry
---
Dmitry KORZHEVIN
System Administrator
STIDIA S.A. - Luxembourg
e: dmitry.korzhevin at stidia.com
m: +38 093 874 5453
w: http://www.stidia.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4488 bytes
Desc: ���������������������������������� �������������� S/MIME
URL: <http://lists.strongswan.org/pipermail/users/attachments/20121023/ab579e5f/attachment.bin>
More information about the Users
mailing list