[strongSwan] uniqueids=yes when only one IP in Virtual IP pool

Pavel Zhovner pavel at zhovner.com
Sun Oct 23 14:56:48 CEST 2016


Problem resolved with uniqueids=yes and mobike=yes.

On Sun, Oct 23, 2016 at 3:27 PM, Pavel Zhovner <pavel at zhovner.com> wrote:
> Hello.
> Thank you guys for your great work.
>
>
> I have one roadwarrior connection and want to always assign static ip
> to this client.
> So I setup one IP address in Virtual IP pool.
>
> Here is my ipsec.conf:
> ----------------
> config setup
>     uniqueids=yes
>     ....
>
> conn laptop
>     ....
>     rightsourceip=10.0.0.1/32
>
> ----------------
>
>
> Sometimes client lose connection and it stuck on server side until
> dead peer detection timeout.
>
> When client trying to reconnect while connection is still alive on
> server side it get this:
> ----------------
> peer requested virtual IP %any
> pool '10.0.0.1' is full, unable to assign address
> no virtual IP found for %any requested by 'laptop'
> ----------------
>
> I expect that uniqueids=yes will delete old connection before virtual
> ip assigned but it don't.
> How to resolve my issue?


More information about the Users mailing list