[strongSwan] ipsec status: 500 lines CONNECTING,
Axel Zöllich
a.zoellich at kirsch.zoellich.de
Mon Aug 18 21:01:24 CEST 2014
After working flawlessly for some days an ikev1 tunnel gives me 500 lines like:
jung[2975]: CONNECTING,
xxx.xxx.162.192[xxx.xxx.157.103]...xxx.xxx.157.103[%any]
jung[2974]: CONNECTING,
xxx.xxx.162.192[xxx.xxx.157.103]...xxx.xxx.157.103[%any]
jung[2973]: CONNECTING,
xxx.xxx.162.192[xxx.xxx.157.103]...xxx.xxx.157.103[%any]
jung[2972]: CONNECTING,
xxx.xxx.162.192[xxx.xxx.157.103]...xxx.xxx.157.103[%any]
jung[2971]: CONNECTING,
xxx.xxx.162.192[xxx.xxx.157.103]...xxx.xxx.157.103[%any]
[...]
As this happens at 3 o'clock in the night there seems to be correlation to ppp
reconnect. But on the other side it doesn't happen every nigth. The ppp uses a
fixed IP.
conn %default
ikelifetime=120m
keylife=100m
rekeymargin=3m
keyingtries=%forever
keyexchange=ikev1
authby=secret
reauth=no
dpdaction=restart
conn jung
ikelifetime=86400
keylife=21600
esp=3des-sha1-modp2048
ike=3des-sha1-modp2048
left=xxx.xxx.162.192
leftsubnet=192.168.222.0/24
leftid=xxx.xxx.157.103
leftfirewall=yes
right=xxx.xxx.157.103
rightsubnet=192.168.1.0/24
rightid=%any
auto=route
Any hints?
More information about the Users
mailing list