[strongSwan] Tunnel Randomly shutdown

Tobias Brunner tobias at strongswan.org
Mon Nov 19 12:09:58 CET 2018


Hi Thomas,

> Tunnel is established and for an unknown reason it deletes the virtual IP and re-establishes the tunnel.

Not for an unknown reason, the log tells you that the daemon sends a DPD
and a bunch of retransmits and gives up after 5 of them and then
reestablishes the SA (due to the DPD action you configured).

So according to the log, there is a communication problem between the
two peers after the connection has been established.  The peer tries to
send a DPD first, to which charon responds, but there are retransmits,
so it would seem the replies don't get through.  And when charon sends
its own DPD this then times out (maybe the peer already deleted the SA)
and the connection is reestablished.

Check the peer's log and make sure no firewall rules (or strange routes)
block/redirect the DPDs somehow.

Regards,
Tobias
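
The pattern described in the reply above can be checked mechanically in a charon log. The following is an added example, not part of the original post or of strongSwan: it counts the peer's retransmitted requests, charon's own retransmits and the final give-up. The sample log is constructed, and the matched message wording is an assumption about charon's usual IKE log lines.

```python
import re

# Constructed sample in the style of charon's syslog output (not from the thread).
SAMPLE_LOG = """\
Nov 19 10:00:01 gw charon: 09[IKE] received retransmit of request with message ID 7, retransmitting response
Nov 19 10:00:08 gw charon: 11[IKE] received retransmit of request with message ID 7, retransmitting response
Nov 19 10:00:30 gw charon: 12[IKE] sending DPD request
Nov 19 10:00:34 gw charon: 13[IKE] retransmit 1 of request with message ID 3
Nov 19 10:00:41 gw charon: 14[IKE] retransmit 2 of request with message ID 3
Nov 19 10:00:54 gw charon: 15[IKE] retransmit 3 of request with message ID 3
Nov 19 10:01:17 gw charon: 16[IKE] retransmit 4 of request with message ID 3
Nov 19 10:01:59 gw charon: 05[IKE] retransmit 5 of request with message ID 3
Nov 19 10:03:15 gw charon: 06[IKE] giving up after 5 retransmits
"""

# Assumed wording of the relevant charon messages.
PEER_RETX = re.compile(r"received retransmit of request with message ID (\d+)")
OWN_RETX = re.compile(r"retransmit (\d+) of request with message ID (\d+)")
GIVE_UP = re.compile(r"giving up after (\d+) retransmits")

def summarize(log_text):
    """Count the retransmit patterns that point to one-way packet loss."""
    s = {"dpd_sent": 0, "peer_retransmits": 0, "own_retransmits": 0, "gave_up": 0}
    for line in log_text.splitlines():
        if "sending DPD request" in line:
            s["dpd_sent"] += 1
        elif PEER_RETX.search(line):
            s["peer_retransmits"] += 1   # peer never saw our response
        elif OWN_RETX.search(line):
            s["own_retransmits"] += 1    # we never saw the peer's response
        elif GIVE_UP.search(line):
            s["gave_up"] += 1            # DPD action fires after this
    return s

def diagnose(s):
    """Turn the counters into the two observations made in the reply."""
    hints = []
    if s["peer_retransmits"]:
        hints.append("peer repeats requests we answered: our replies may not reach it")
    if s["gave_up"]:
        hints.append("our own exchange timed out: peer unreachable or SA already deleted")
    return hints

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG), diagnose(summarize(SAMPLE_LOG)))
```
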

