[strongSwan] Tunnel with Cisco stuck but DPD seems to says it's all fine
Adam Cecile
acecile at le-vert.net
Tue Aug 20 11:33:00 CEST 2019
Hello Strongswan people,
Under heavy load, my site-to-site tunnel get stuck but according to the
log file (see attachment), DPD seems to say it's all good.
Restarting ipsec service bring the tunnel back to life.
Aug 20 11:13:57 rtr ipsec[1223]: 15[NET] received packet: from
1.1.1.1[500] to 2.2.2.2[500] (92 bytes)
Aug 20 11:13:57 rtr ipsec[1223]: 15[ENC] parsed INFORMATIONAL_V1 request
4081866472 [ HASH N(DPD) ]
Aug 20 11:13:57 rtr ipsec[1223]: 15[IKE] queueing ISAKMP_DPD task
Aug 20 11:13:57 rtr ipsec[1223]: 15[IKE] activating new tasks
Aug 20 11:13:57 rtr ipsec[1223]: 15[IKE] activating ISAKMP_DPD task
Aug 20 11:13:57 rtr ipsec[1223]: 15[ENC] generating INFORMATIONAL_V1
request 518131961 [ HASH N(DPD_ACK) ]
Aug 20 11:14:49 rtr ipsec[1223]: 15[NET] sending packet: from
2.2.2.2[500] to 1.1.1.1[500] (92 bytes)
Aug 20 11:14:49 rtr ipsec[1223]: 15[IKE] activating new tasks
Aug 20 11:14:49 rtr ipsec[1223]: 15[IKE] nothing to initiate
Can you please help figure out what's going on ?
Thanks in advance,
Best regards, Adam.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: strongswan.log
Type: text/x-log
Size: 25749 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190820/a6b30f66/attachment.bin>
More information about the Users
mailing list