[Openswan Users] comm_handle error
Paul Wouters
paul at xelerance.com
Tue Jan 16 18:22:43 EST 2007
On Tue, 16 Jan 2007, Juan Pablo wrote:
> I upgraded to Openswan 2.4.2 and I got other difficulties. I got 31 of
> 200 roadwarrior connections that never established an IPsec tunnel
> with the following messages:
>
> 2007:01:12-17:32:24 (none) pluto[4675]: "D_XXX539_0"[362] 10.10.10.34
> #20558: STATE_MAIN_R2: sent MR2, expecting MI3
> 2007:01:12-17:32:37 (none) pluto[4675]: "D_XXX539_0"[362] 10.10.10.34
> #20321: max number of retransmissions (2) reached STATE_MAIN_R2
>
> Also when the first phase 1 re-negotiation ocurred all the connections
> go down. I'm natting, so from some ethereal captures I suspect there
> is a problem changing the UDP port from 500 to 4500 during the phase
> 1. I wonder if it is a known problem with this version of Openswan?,
> Some ideas?
Not a known problem, but you should definately try and use 2.4.7 and see
how that works.
Paul
More information about the Users
mailing list