[strongSwan] Don't know where to start
Rene Maurer
rmnet at mailc.net
Tue Apr 25 20:04:45 CEST 2017
Hello Noel
Noel Kuntze <noel at familie-kuntze.de> wrote :
> (I'm answering this from my original email account now.)
And I see your email now in my email account.
>> But when I look at the log on my site together with
>> "tcpdump -i ppp0", I have the impression that ikev2_auth
>> is sent (once).
>
> This looks good. Check if that packet makes it there. Some IKE implementations
> just drop all packets from other peers when authentication fails and report a local
> error instead of sending a notification back.
Ok.
Meanwhile I have looked at the time stamps and IMHO they are a little bit strange:
>> Apr 25 16:32:28 daemon.info syslog: 05[NET] sending packet: from 10.64.33.100[4500] to xxx.137.25.195[4500] (1120 bytes)
>> 16:32:32.802620 IP 10.64.33.100.4500 > xxx.137.25.195.4500: NONESP-encap: isakmp: child_sa ikev2_auth[I]
>> Apr 25 16:32:32 daemon.info syslog: 03[IKE] retransmit 1 of request with message ID 1
strongSwan[NET] is sending the package at 16:32:28.
The package is visible on ppp0 at 16:32:32.
4 seconds... this seems to be charon's retransmit_timeout (which we can see as well).
Is there an explanation for this behavior?
Kind regards,
René