[strongSwan] Strongswan Connection Drop after 60 Minutes
Tobias Brunner
tobias at strongswan.org
Tue Aug 18 16:43:34 CEST 2020
Hi Vikram,
> The connection is established when the Strongswan service is started,
> but the connection drops approximately after 60 minutes.
That sounds like a rekeying issue (default CHILD_SA lifetime is 1h).
Possible culprits may be the DH groups in the ESP proposals if the peer
doesn't expect a DH exchange there (even though you added the default
proposal it might not be what the peer expects), see [1] for details.
Read the log to see what's actually going on.
Regards,
Tobias
[1] https://wiki.strongswan.org/projects/strongswan/wiki/ExpiryRekey#IPsec
More information about the Users
mailing list