[Openswan Users] windows client cannot rekey
Marc Fisher
m4fisher at gmail.com
Thu Jun 24 04:19:52 EDT 2010
Hmm, feels like I'm talking to myself but it seems I was able to solve
the rekey problem.
Or to be more specific, Paul solved it in 2.6.27 with the
ALLOW_MICROSOFT_BAD_PROPOSAL patch for nat (I think)
Changing "rekey" to "yes" now works, before 2.6.27 it got stuck on the
"bad proposal"
With rekey=yes I simply get
"Allowing questionable proposal anyway [ALLOW_MICROSOFT_BAD_PROPOSAL]"
and the connection survives the rekey process.
The rekey now seems to take place every 45 minutes instead of 60, but as
long as it works, that shouldn't be a problem. Connections seem to be
replaced correctly so the kernel shouldn't crash now ;)
log here: http://ioudas.net/openswanworks.txt
The question is: Is this how it's supposed to work? Is there someone who
is able to let XP client rekey and not get the connection dropped?
Marc
More information about the Users
mailing list