[strongSwan] Tunnel gets disconnected

lists lists at mhcsoftware.de
Wed Jul 13 19:28:55 CEST 2016


I use StrgonSwan 5.2 with Debian and IKEv1. I've peers where some (all, 2 of 8, etc.) tunnels get disconnected after some time. When there is (new) traffic for the vanished tunnel the tunnel will not be reestablished. Even more strange, the sending process "thinks" every thing is OK, e.g. Cups sends print jobs to port 9100 to a printer connected by a vanished tunnel and Cups does not notice that there could be no connection to the printer as there is no tunnel. The print job is marked as done. The data seems to be sent to nowhere. I've tried all three settings for "auto" (add, route, start), none makes a difference. DPD is no option as not all peers support this.

Is there a way to configure StrongSwan to keep all tunnel up all the time without DPD? Why does StrongSwan shut down tunnels? I've used Bintec routers and Cisco ASA and others. None showed this "strange" behavior ...



MHC SoftWare GmbH
Fichtera 17
96274 Itzgrund/Germany   

voice: +49-(0)9533-92006-0
fax: +49-(0)9533-92006-6
e-mail: info at mhcsoftware.de

HR Coburg: B2242
Geschaeftsfuehrer: Matthias Henze

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160713/94de8d38/attachment.html>

More information about the Users mailing list