[strongSwan] Fwd: [strongSwan-dev] config w/ multiple ios devices on a network...

Miroslav Svoboda goodmirek at goodmirek.cz
Fri Apr 24 21:20:02 CEST 2015

This is not good. Possibly, what we solved was just a result, not the root
Before, I overlooked the configuration issue; maybe you will want to enable
uniqueids again once fixed.

Instead of:
there should be:

Logs will be even better if you include directive in "charon-logging.conf":
ike_name = yes


Miroslav Svoboda | +420 608 224 486

On 24 April 2015 at 21:02, Andrew Foss <afoss at actmobile.com> wrote:

>  Miroslav,
> thank you, that did it! Wow, did I log some hours trying different
> combinations, but didn't get that one and you also helped by suggesting I
> turn off enc logging, now my logs are more helpful, before they always
> ended in "dropped rate-limiting" so really weren't telling me much.
> Interestingly, both the connected devices now have the same virtual ip
>, but both seem to be working fine and the 2 devices never
> need to talk directly to one another, so maybe all the devices can
> use/assign the same ip address for the client's tunnel? Is that a common
> way to run?
> andrew
> On 4/24/15 11:36 AM, Miroslav Svoboda wrote:
> This is the problem:
> Apr 24 17:21:43 accel charon: 10[IKE] deleting duplicate IKE_SA for peer
> 'actmobile' due to uniqueness policy
>  Look for config option "uniqueids" here:
> https://wiki.strongswan.org/projects/strongswan/wiki/ConfigSetupSection
>  M.
>   Miroslav Svoboda | +420 608 224 486
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150424/451060d5/attachment.html>

More information about the Users mailing list