[Openswan Users] Multiple roadwarrior connections crossed

List Receiver listreceiver at mastermindpro.com
Fri Oct 3 23:23:28 EDT 2008

> -----Original Message-----
> From: Paul Wouters [mailto:paul at xelerance.com]
> Sent: Friday, October 03, 2008 8:40 AM
> To: List Receiver
> Cc: users at openswan.org
> Subject: Re: [Openswan Users] Multiple roadwarrior connections crossed
> On Fri, 3 Oct 2008, List Receiver wrote:
> > I've got a new OpenSwan VPN setup for ~8 roadwarriors using the
> ShrewSoft client for Windows.  The majority of the setup works great,
> but I have a problem on the OpenSwan side.
> If this is using NETKEY, please try 2.6.18rc1. It fixes a problem in
> rekeying and a
> problem in picking the right conn, either of which could be the bug
> you're looking
> at.
> If using KLIPS, you'll have to wait until 2.6.18 final is released,
> we're still
> hunting a bug in that one preventing us from releasing it.
> Paul

I just installed the upgrade to 2.6.18rc1, as I am using netkey.  Unfortunately, the same problem happened again.  What else should I try?

> > When multiple users are connected for long periods of time, their
> tunnels somehow get "crossed".  By this I mean that OpenSwan gets
> confused about which public IP is associated with which SA.  As a test,
> I left my test machine associated all night last night, while others
> were actively connected.  This morning, when I went to send data across
> the tunnel, I was sending packets but not receiving anything.  I ran an
> "ipsec whack --status" on the server and found this:

More information about the Users mailing list