[strongSwan] Issues observed with Server leases in road warrior configuration
Kaur, Sumit (NSN - IN/Bangalore)
sumit.kaur at nsn.com
Thu Feb 12 11:56:59 CET 2015
Hi Tobias,
My strongswan.conf file look like this on server and client both now :-
charon {
reuse_ikesa=no
install_routes=no
block_threshold=50
cookie_threshold=100
mem-pool {
reassign_online=yes
}
}
Even this has not helped. Server assigned a different virtual IP to the client, when it came up after reboot.
Note that, strongswan version that I use is 4.3.6.
Also, there is nothing available on strongswan wiki wrt mem-pool.reassign_online option. Let us know, if any other documentation page exist for such options.
Thanks
Sumit
-----Original Message-----
From: ext Tobias Brunner [mailto:tobias at strongswan.org]
Sent: Thursday, February 12, 2015 2:22 PM
To: Kaur, Sumit (NSN - IN/Bangalore); ext Noel Kuntze; users at lists.strongswan.org
Subject: Re: [strongSwan] Issues observed with Server leases in road warrior configuration
Hi Sumit,
> In this case, since the server was not notified about client going
> down, the lease was still active at server, and then later when
> client came up and asked for virtual IP, server gave a different one
> and also updated the lease with this new assigned Virtual IP.
If you use in-memory pools (i.e. `rightsourceip=<subnet>`) you could
enable the `charon.mem-pool.reassign_online` option in strongswan.conf.
If it is enabled existing online leases will be reassigned to clients
with the same identity.
Regards,
Tobias
More information about the Users
mailing list