[strongSwan] Ikev2 rekeying failure on EC2 site2site tunnel
Tobias Brunner
tobias at strongswan.org
Wed Sep 7 09:31:43 CEST 2016
Hi Isaac,
> Sep 6 17:12:17 ec2vsswp01 charon: 09[IKE] unable to reauthenticate
> IKE_SA, no CHILD_SA to recreate
Check the log for information why there is no CHILD_SA. Maybe it was
deleted by the other peer (e.g. due to inactivity). You might want to
consider using `auto=route` and reading [1] might clarify some things too.
Regards,
Tobias
[1] https://wiki.strongswan.org/projects/strongswan/wiki/ExpiryRekey
More information about the Users
mailing list