[Openswan Users] Openswan 1.0.6/L2TP/NAT-T Session Timeout Problem
morfsta
morph at morfsta.mine.nu
Tue Jul 13 10:38:58 CEST 2004
Hi,
I am running Openswan 1.0.6 with L2TP and NAT-T in the usual
configuration.
All works fine, the tunnel comes up and it is possible to communicate with
devices behind the firewall using the VPN.
However, the problem is that users lose their connectivity (after about an
hour) and it is then not possible to re-establish the connection. This
error is observed in /var/log/secure: -
Jul 13 09:52:35 keop-c2 pluto[19354]: ERROR: "roadwarrior"[2]
XX.XX.XX.XX:1024 #5449: pfkey write() of SADB_X_ADDFLOW message 129 for
flow esp.d4d8cea3 at XX.XX.XX.XX failed. Errno 14: Bad address
where XX.XX.XX.XX is the client's IP address.
...
Jul 13 09:52:35 keop-c2 pluto[19354]: | pfkey_get: SADB_DELETE message 131
Jul 13 09:52:35 keop-c2 pluto[19354]: | state transition function for
STATE_QUICK_R1 had internal error
Jul 13 09:52:35 keop-c2 pluto[19354]: | next event EVENT_SHUNT_SCAN in 1
secondsJul 13 09:52:35 keop-c2 pluto[19354]: | pfkey_async: SADB_X_ADDFLOW
len=2, errno=14, satype=3, seq=129, pid=19354
I searched the list but couldn't find anything regarding this, has anybody
got an idea why this problem occurs?
When I restart the ipsec service on the VPN server, all is okay again
until the connection is lost - then the problem re-occurs..
TIA,
Morph
More information about the Users
mailing list