[strongSwan] IPsec SAs closed unexpectedly

Bruno Linhares bruno at databras.com.br
Tue Nov 5 17:48:20 CET 2013


 

Mihai, 

I'm getting this behavior too, between strongswan and a
cisco device. The rekey is been doing every 20 seconds. 

Which one was
the "remote peer" you referred? Did you disabled DPD on strongswan with
dpdaction=none ? 

I did this but it doesn't solved. 

Em 2013-11-05
14:33, Mihai Maties escreveu: 

> On Thu, Oct 24, 2013 at 4:43 PM, Mihai
Maties <mihai at xcyb.org> wrote:
> 
>> One issue that I noticed so far, is
that while on Juniper the tunnels seem stable (i.e. rekeying occurs only
when the SAs are about to expire), on strongSwan some tunnels go down
after a short while. According to the logs, the other peer is actually
triggering the deletion of SAs.
> 
> After disabling dead peer detection
on the remote peer the tunnels seem stable. Are there any known issues
with DPD between strongSwan and Juniper devices? Their end is running
JunOS 10.4S5.2. 
> 
> Best regards, 
> Mihai 
> 
>
_______________________________________________
> Users mailing list
>
Users at lists.strongswan.org
>
https://lists.strongswan.org/mailman/listinfo/users [1]

-- 




Links:
------
[1] https://lists.strongswan.org/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20131105/e92ecca6/attachment.html>


More information about the Users mailing list