[Openswan Users] Windows rekey problem

John A. Sullivan III jsullivan at opensourcedevel.com
Thu Oct 20 08:56:33 CEST 2005


On Thu, 2005-10-20 at 10:13 +0100, Colin Johnston wrote:
> Hi John,
> We had the same problem in testing using local lan clients to the vpn
> server.
> 
> The issue never seemed to happen with remote clients so we assumed it was a
> speed issue with packets where the application(openswan) could not respond
> quick enough but over the WAN it worked ok with greater speed lags.
> We tried changing rekey times but it made no difference.
> 
> The issue may well happen with remote clients but since most are slow and
> only broadband speed then it is unlikely.
> 
> I found a simple restart of openswan via cron each night kept everything
> working well and even if clients were connected at restart time they
> reconnected automatically after openswan restarted.
> 
> Colin Johnston
> Satsig sysadmin
> 

Thanks for such a quick reply! However, although I find that reassuring,
I'm concerned for two reasons:

1) It might not be the same problem.  I think I'm seeing a clear
rekeying problem.  Was your problem with rekeying or was it lost packets
from buffer overruns?

2) I do have some upcoming applications where we are using IPSec clients
internally at wire speed :-(

Thus I'd love to find out what the problem is and either how we
configure or code through it.  Thanks, though - John

-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com

If you would like to participate in the development of an open source
enterprise class network security management system, please visit
http://iscs.sourceforge.net



More information about the Users mailing list