[strongSwan] iOS Device Not Connecting on LTE after using WiFi

Joshua Gross joshua at surfeasy.com
Wed Apr 10 22:27:50 CEST 2013


I have an iOS device that on LTE, continually fails to negotiate a
connection with a StrongSwan server.  When I turned on AirPlane mode and
turned on LTE again, it suddently started working.

I know the times don't line up, but this issue happened a number of times

Anyone have any idea about this?

Iphone Logs

Apr 10 15:53:49 Anuaimi-iPhone-5 racoon[6434] <Debug>: 76 bytes message
received from *remote-server*[4500] to 25.186.230.35[4500]
Apr 10 15:53:49 Anuaimi-iPhone-5 racoon[6434] <Debug>: start search for
IKE-Session. target *remote-server*[4500].
Apr 10 15:53:50 Anuaimi-iPhone-5 racoon[6434] <Debug>: still search for
IKE-Session. this *remote-server*[4500].
Apr 10 15:53:50 Anuaimi-iPhone-5 racoon[6434] <Debug>: Pre-existing
IKE-Session to *remote-server*[4500]. case 1.
Apr 10 15:53:50 Anuaimi-iPhone-5 racoon[6434] <Error>: mode config 6
from *remote-server*[4500], but ISAKMP-SA 05feba2cf5456f1e:10c313a91bba5f06
isn't established.
Apr 10 15:53:52 Anuaimi-iPhone-5 racoon[6434] <Debug>: Adding NON-ESP marker
Apr 10 15:53:52 Anuaimi-iPhone-5 racoon[6434] <Debug>: 1520 bytes from
25.186.230.35[4500] to *remote-server*[4500]
Apr 10 15:53:52 Anuaimi-iPhone-5 racoon[6434] <Debug>: sockname
25.186.230.35[4500]
Apr 10 15:53:52 Anuaimi-iPhone-5 racoon[6434] <Debug>: send packet from
25.186.230.35[4500]
Apr 10 15:53:52 Anuaimi-iPhone-5 racoon[6434] <Debug>: send packet to
*remote-server*[4500]
Apr 10 15:53:52 Anuaimi-iPhone-5 racoon[6434] <Debug>: @@@@@@ data being
sent:

StrongSwan Logs

r 10 19:46:58 14[IKE] received retransmit of request with ID 0,
retransmitting response
Apr 10 19:46:58 14[NET] sending packet: from *remote-server*[4500] to
24.114.27.137[16653] (2476 bytes)
Apr 10 19:47:01 15[NET] received packet: from 24.114.27.137[16653]
to *remote-server*[4500] (1516 bytes)
Apr 10 19:47:01 15[IKE] received retransmit of request with ID 0,
retransmitting response
Apr 10 19:47:01 15[NET] sending packet: from *remote-server*[4500] to
24.114.27.137[16653] (2476 bytes)
Apr 10 19:47:03 16[IKE] sending retransmit 2 of request message ID
3860739891, seq 1
Apr 10 19:47:03 16[NET] sending packet: from *remote-server*[4500] to
24.114.27.137[16653] (76 bytes)
Apr 10 19:47:13 10[NET] received packet: from 24.114.27.137[16653]
to *remote-server*[4500] (1516 bytes)
Apr 10 19:47:13 10[IKE] received retransmit of request with ID 0,
retransmitting response
Apr 10 19:47:13 10[NET] sending packet: from *remote-server*[4500] to
24.114.27.137[16653] (2476 bytes)
Apr 10 19:47:16 11[IKE] sending retransmit 3 of request message ID
3860739891, seq 1
Apr 10 19:47:16 11[NET] sending packet: from *remote-server*[4500] to
24.114.27.137[16653] (76 bytes)


ipsec.conf
conn iphone-general
  keyexchange=ikev1
  rightauth=pubkey
  rightauth2=xauth-pam
  left=%defaultroute
  leftid=@ipsec.surfeasy.mobi
  leftsubnet=0.0.0.0/0
  leftfirewall=yes
  leftcert=defaultCert.pem
  right=%any
  rightsubnet=10.253.0.0/16
  rightsourceip=10.253.0.0/16
  # Require all subject fields to be matched by star
  # As well as CA's pull in
  rightid="C=DEF, ST=*, L=*, O=*, CN=*, E=*"
  auto=add
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130410/1ad34815/attachment.html>


More information about the Users mailing list