[strongSwan] Strongswan XAuth Authentication Hanging

joshua g grossjo2 at hotmail.com
Thu Dec 1 14:56:25 CET 2016


I have a IKEv1 configuration that is using XAuth-PAM to authenticate users.

I have noticed that after my ipsec process is running for a large amount of time, that a number of new connections are stuck in in XAuth stage.

When looking at the logs for our pam module, we see it is only called every few seconds.  The pam module itself, executes its steps in a reasonable amount of time.

Now if we restart ipsec, the pam module is called instantly for every new connection.

Because of this delay in the xauth-pam module being called, it appears clients will cancel the IKE negotiation.

I am unsure what could be causing this issue, and any help would be appreciated.

I am running on Ubuntu 12.04, Strongswan 5.5.1.

Thank you for any assistance,

Joshua G

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161201/cd03bccc/attachment.html>

More information about the Users mailing list