[strongSwan] Successfully established connection goes offline after some time
Varun Singh
varun.singh at gslab.com
Thu Jan 19 14:22:00 CET 2017
On Thu, Jan 19, 2017 at 6:40 PM, Tobias Brunner <tobias at strongswan.org> wrote:
> Hi Varun,
>
>> I have strongSwan 5.3.5 on Ubuntu 16.04LTS. When I connect iOS VPN
>> client to it, it connects successfully and I am able to browse the
>> internet. But after some time, the connection goes offline.
>
> iOS doesn't like the NAT-D payloads added to the DPDs so it doesn't respond:
>
>> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[IKE] sending DPD request
>> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[IKE] queueing IKE_MOBIKE task
>> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[IKE] activating new tasks
>> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[IKE] activating IKE_MOBIKE task
>> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[ENC] generating INFORMATIONAL
>> request 0 [ N(NATD_S_IP) N(NATD_D_IP) ]
>> Jan 19 12:09:47 ip-172-31-9-90 charon: 16[NET] sending packet: from
>> 172.31.9.90[4500] to 115.113.153.34[4500] (116 bytes)
>> Jan 19 12:09:51 ip-172-31-9-90 charon: 05[IKE] retransmit 1 of request
>> with message ID 0
>> ...
>> Jan 19 12:12:32 ip-172-31-9-90 charon: 16[IKE] giving up after 5 retransmits
>> Jan 19 12:12:32 ip-172-31-9-90 charon: 16[IKE] IKE_SA iOS-IKEV2[121]
>> state change: ESTABLISHED => DESTROYING
>> Jan 19 12:12:32 ip-172-31-9-90 charon: 16[CFG] lease 10.99.1.1 by
>> 'varun' went offline
>
> You need the fix included in 5.5.1, see [1].
>
> Regards,
> Tobias
>
> [1] https://wiki.strongswan.org/issues/2126
Thanks for this info. I can uninstall 5.3.5 and install 5.5.1 to solve
this issue as well.
However, I have an old iPad with iOS 9.3.5 and I face the same issue
on it. The issue mentioned
in the ticket is related to iOS 10. Could it be possible that the
issue I have is something else? Is there
a way to verify?
--
Regards,
Varun
More information about the Users
mailing list