[Openswan Users]
Oskar Liljeblad
oskar at osk.mine.nu
Sun Apr 17 23:25:44 CEST 2005
On Saturday, April 16, 2005 at 00:17, Paul Wouters wrote:
> >I'm having trouble with my IPsec configuration. It seems to go down and up
> >quite frequently. It stays down, or up for that matter, for an hour or
> >longer.
>
> >15:42:23 pluto[406]: "dlink-subnet-alpha-subnet" #40: ISAKMP SA
> >established
> >Then a little later:
> >
> >15:57:00 alpha pluto[406]: "dlink-subnet-alpha-subnet" #39: received
> >Delete SA payload: deleting ISAKMP State #39
> >15:57:00 alpha pluto[406]: packet from 194.XXX.XXX.XXX:500: received and
> >ignored informational message
>
> The other end is hanging up. It might tell you in its logs why.
First of all, thanks for your quick reply!
How come it first successfully establishes ISAKMP at state #39, then
later drops #38, and the whole connection go down?
I have yet to get a good look at the logs on the D-Link - it seems to
log quite much so unfortunately the log entries at the time above were
rotated away.
> Double check your configuration. A workaround might be for the openswan side
> to use a shorter keylife, so that it will always be the one initiating a
> rekey.
Currently, the settings on the D-Link device are set to the openswan
defaults
ikelifetime 1h
keylife 8h
Maybe I should try modifying them. I will mail again.
Regards,
Oskar Liljeblad (oskar at osk.mine.nu)
More information about the Users
mailing list