[strongSwan] Timeout on poor connection
Stephen Scheck
sscheck.ssni at gmail.com
Fri Sep 29 18:43:52 CEST 2017
I’ve having a similar problem … I tried adding this to the conn section per the docs at https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection
keyingtries = %forever
But it didn’t help.
Does anybody know if there are other configuration knobs which influence connection establishment retries?
-Steve
> On Sep 29, 2017, at 11:59 AM, Jamie Stuart <jamie at onebillion.org> wrote:
>
> Hi,
>
> We have client (running on LEDE) connecting to a server (Ubuntu). The client is connecting from rural Africa of 2G/3G with high latency and low speed.
> Often, the connection does not come up, timing out after 5 retracts like the log below:
>
>
> ipsec up {connection}
> initiating IKE_SA {connection}[2] to {serverip}
> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_S_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP)]
> sending packet: from {clientip}[500] to {serverip}[500] (378 bytes)
> retransmit 1 of request with message ID 0
> sending packet: from {clientip}[500] to {serverip}[500] (378 bytes)
> retransmit 2 of request with message ID 0
> sending packet: from {clientip}[500] to {serverip}[500] (378 bytes)
> retransmit 3 of request with message ID 0
> sending packet: from {clientip}[500] to {serverip}[500] (378 bytes)
>
>
> Is there anything more we can do to make the connection 1) establish more reliably 2) remain ’up’ even over a power quality connection (using MOBIKE already)
>
>
> Thanks in advance!
>
> Jamie, onebillion
More information about the Users
mailing list