[Openswan Users] Ping through tunnel suddenly stops
Marek Greško
gresko at thr.sk
Thu May 27 12:53:08 CEST 2004
Hello,
> I have a tunnel between two machines without a default route. After a
> minute or two of successful pinging, tunnel stops and the following is
> logged:
>
> ERROR: netlink response for Add SA ... included errno 17: File exists
> max number of retransmissions (2) reached STATE_QUICK_R1
>
> ESP packets are still being sent by first gateway, but seem to be
> dropped by the other. Last line of ipsec auto --status prints:
>
> 000 192.168.1.16/32:0 -1-> 192.168.1.17/32:0 => %hold 0 %acquire-netlink
>
> The problem only occurs when ipsec is first started. If I do "ipsec
> restart", the problem disappears.
>
> Why does this happen? I've stumbled upon this while trying to create a
> tunnel that would come up whenever the dial-out interface would come up.
> Is there a better way to do it besides putting "ipsec start" to ip-up
> script?
I have the same problem. I am also using Fedora Core 2 on both sides. On
further investigation I found that if I change one end to Linux 2.4 (latest
Fedora Core 1 kernel) with freeswan modules, the tunnel works. But only if I
restart the Linux 2.4 end. When I restart the Linux 2.6 end, the problem
reappears.
I encounter only this in the logs:
ERROR: netlink response for Add SA ... included errno 17: File exists
Not this:
max number of retransmissions (2) reached STATE_QUICK_R1
Thanks for any advice.
Marek