[strongSwan] Dead Peer Detection - Strongswan Android Clients

Fri Jul 4 12:11:42 CEST 2014

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Ben,

You want dpdaction=restart and maybe want to set some values for dpddelay (30s) and dpdtimeout (150s).

Regards,
Noel Kuntze

GPG Key id: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

Am 04.07.2014 12:05, schrieb Hay, Ben (TS Consulting):
> Hi
> 
>  
> 
> I currently have a Strongswan server implementation with Android clients. I can connect fine with no issues, however after a period of time the connection is no longer valid and cant access network resources behind the VPN server. This is not shown on the client side – which shows the connection as up with the key symbol in the android taskbar and the connected sign in the app itself.
> 
>  
> 
> After a period of time the server loses connection with the Android device. The server shows that the device is no longer connected however the client continues to show a good connection (but obviously no access to any resources  behind the VPN.)
> 
>  
> 
> I have been told this could be due to either rekeying parameters or the inclusion of dead peer detection. I would like to be reconnect in the background without any  user interference needed. Can anyone describe the config to allow this to happen. Below is my current config:
> 
>  
> 
>  
> 
> Thanks in advance, any help would be much appreciated.
> 
>  
> 
> Regards
> 
> * *
> 
> *Ben Hay*
> 
> Technology Consultant
> 
> 
> Technology Services (TS)
> 
> 
> ben.hay at hp.com <mailto:ben.hay at hp.com>
> T +447833048826
> Hewlett-Packard Ltd
> Amen Corner
> Cain Road
> Bracknell, Berkshire, RG12 1HN
> England
> 
>  
> 
> Planned Holiday / Training
> 
>  
> 
> 28^th July 2014 – 1^st August 2014
> 
> 22^nd December 2014 – 2^nd January 2015
> 
> HP <http://www.hp.com/>
> 
> Please print thoughtfully
> 
>  
> 
> --------------------------------------------------------------------------------
> Hewlett-Packard Limited registered Office: Cain Road, Bracknell, Berks RG12 1HN
> Registered No: 690597 England
> 
> The contents of this message and any attachments to it are confidential and may be legally privileged. If you have received this message in error, you should delete it from your system immediately and advise the sender.
> 
> To any recipient of this message within HP, unless otherwise stated you should consider this message and attachments as "HP CONFIDENTIAL".
> --------------------------------------------------------------------------------
> 
>  
> 
>  
> 
> 
> 
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTtn3eAAoJEDg5KY9j7GZYGLAP/0rfC1SXD+TmvmCtwxoOlMww
LTZDs+ObYm6FhcyOQ5tPqcmLQchIw276/S9cbmcd4jqxCylsrXCCfLisjEpASwDU
tHwogqRbjTeUaDqoN3AbOdoSoWPqlmCkjwXJ/GIpcVzKK4i85hzbEaVAgrr26pRr
xRiRxTxrHvELOc1Q64pOoDGoPnKc2ZIZhTUeNf4y29+IoIiDK/KxOY1mgP5D2UM0
0n3sXmtksJUIZ9mAU7+fY85zyKW2DO/dClqrNKs4MW0PYn4h3nobVrFHoi1CZeS0
HsVmDfuVr8JSuwTsS0gjk/P4ENAmSFEqsEi91rWEWZtJtnS99tBXIOUdkyeWhhU8
CTCKvABs0oPSYWoEaDWayYOmB72lC5leH2LYmEfP8QFwZPG3XN8PG4BiMtOpkLsZ
B7ctfFZVl0/wze3seqVP83iTvLIMrPUwn/Hpa1uey/U7ULtNrzGVnoH3m3saRQ0x
m9BO7v5rJl0gByPTdPizhQ4dp8CWECdzRI3ARmh69+v2jg+m1vCTCDnViUL5IOTt
wihHmb0S9H+RK4JjodZLzaxGmCUN40oqO8jKR91yXp3YbelsApm/xdTCUyIjf/Tw
MU3gbgTq5u3ipvH2Ngs56ACdoo/uFO15B3JdmXPmAuXJ0yKCxYIw/L1HkUbNNfKQ
YY1flHmnAI/Xvr9u86Z2
=nPxJ
-----END PGP SIGNATURE-----