[strongSwan] strongSwan 5.2+ disconects clients after 1 hour

Dan Craciun dany.craciun at gmail.com
Tue Mar 3 09:08:49 CET 2015


Hi Volker,

Yes, it was a similar problem.

I'm using kernel 2.6.33.4, with pppol2tp module.

I removed the module (modprobe -r pppol2tp) and the connexion became
stable.

xl2tpd complains that I don't have kernel support for L2TP now, but as
long as it works, I'm OK with that :)

Thank you.

Best regards,
Dan

On 3/2/2015 11:43 PM, Volker Rümelin wrote:
> Hello Dan,
>
> I am quite sure this is the same problem.
>
> https://lists.strongswan.org/pipermail/users/2013-December/005699.html
> https://lists.strongswan.org/pipermail/users/2013-December/005703.html
>
> Regards,
> Volker
>
>
>> Hi,
>>
>> strongSwan 5.2.1 (also tested with 5.2.0 and 5.2.2) on Slackware 13.1.
>> L2TP/IPsec, using PSK with xl2ptd.
>>
>> After initial successful connection, the client (Windows 7 or 8) tries
>> to rekey after ~1 hour and it fails.
>>
>> The debug log is here: http://pastebin.com/akuAYEDn
>>
>> /etc/ipsec.conf
>> conn vpnserver
>>    type=transport
>>    authby=secret
>>    rekey=yes
>>    lifetime=2h
>>    ikelifetime=4h
>>    leftprotoport=udp/l2tp
>>    right=%any
>>    rightprotoport=%any
>>    auto=add
>>
>>
>>
>> Any ideas?
>>
>> Thank you.
>>
>> Best regards,
>> Dan Craciun
>
>



More information about the Users mailing list