[strongSwan] Intermittent drop-out of VPN connection
Chris Smith
space.dandy at icloud.com
Mon Oct 19 13:30:55 CEST 2020
Hi Noel,
I’ve made those changes and it seems to have resolved my issue. Thanks for your help.
Regards,
Chris
—
Chris Smith <space.dandy at icloud.com>
> On 17 Oct 2020, at 14:35, Noel Kuntze <noel.kuntze at thermi.consulting> wrote:
>
> Hi,
>
> Configure your own side with lower reauth and rekey times than the other peer.
> Currently the other peer tries to reauth which fails because you're using the insecure aggressive mode. strongSwan by default rejects other peers' authentication requests if they're using aggressive mode.
> A reauthentication is basically creating a new IKE_SA from scratch, so that behavior applies.
>
> Just configure your client with lower rekey and reauth times. That's simpler than globally enabling aggressive mode.
>
> Kind regards
>
> Noel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20201019/2af300c0/attachment.html>
More information about the Users
mailing list