[strongSwan] two road runners collide ?

lejeczek peljasz at yahoo.co.uk
Tue Dec 26 17:48:35 CET 2017

hi people

I have a server and a roadwarrior connects to the server 
fine,config uses certificates, all seems ok.
Then I've tried to setup a second RR, I use the same setting 
same certs, only IP is different, naturally.

But, there I have a problem, it must be trivial - I believe 
many simultaneous clients for strongwan is a norm - when the 
first client is connect and all is fine and the second 
clientconnects, also successfully, then first client gets 

I guess, my first question would be - can my clients use the 
same one certificate? It is why the server disconnects one, 
because both clients use the same cert?

Being merely a user(not a an expert) I can guess this might 
be telling you more:

13[ENC] parsed IKE_AUTH request 1 [ EF(1/2) ]
09[CFG] detected duplicate IKE_SA for 'O=my, CN=my.dom', 
triggering delete for old IKE_SA
11[IKE] destroying IKE_SA in state DELETING without notification
09[IKE] sending end entity cert "O=my, CN=my.dom"
11[CFG] delete for duplicate IKE_SA 'O=my, CN=my.dom' timed 
out, keeping new IKE_SA
09[IKE] peer requested virtual IP

many thanks, L.

More information about the Users mailing list