[strongSwan] Successfully established connection goes offline after some time

Tobias Brunner tobias at strongswan.org
Thu Jan 19 14:10:35 CET 2017


Hi Varun,

> I have strongSwan 5.3.5 on Ubuntu 16.04LTS. When I connect iOS VPN
> client to it, it connects successfully and I am able to browse the
> internet. But after some time, the connection goes offline.

iOS doesn't like the NAT-D payloads added to the DPDs so it doesn't respond:

> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[IKE] sending DPD request
> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[IKE] queueing IKE_MOBIKE task
> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[IKE] activating new tasks
> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[IKE]   activating IKE_MOBIKE task
> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[ENC] generating INFORMATIONAL
> request 0 [ N(NATD_S_IP) N(NATD_D_IP) ]
> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[NET] sending packet: from
> 172.31.9.90[4500] to 115.113.153.34[4500] (116 bytes)
> Jan 19 12:09:51 ip-172-31-9-90 charon: 05[IKE] retransmit 1 of request
> with message ID 0
> ...
> Jan 19 12:12:32 ip-172-31-9-90 charon: 16[IKE] giving up after 5 retransmits
> Jan 19 12:12:32 ip-172-31-9-90 charon: 16[IKE] IKE_SA iOS-IKEV2[121]
> state change: ESTABLISHED => DESTROYING
> Jan 19 12:12:32 ip-172-31-9-90 charon: 16[CFG] lease 10.99.1.1 by
> 'varun' went offline

You need the fix included in 5.5.1, see [1].

Regards,
Tobias

[1] https://wiki.strongswan.org/issues/2126


More information about the Users mailing list