[Openswan Users] rekeing problem openswan to zyxel
Paul Wouters
paul at xelerance.com
Mon Dec 21 09:28:25 EST 2009
On Wed, 16 Dec 2009, Enrico Piccini wrote:
> the problem is that every hour (3600 seconds) the zyxel calls the rekeing and, for 2/3 minutes, the tunnels
> stop passing traffic. then without any operations, evething works fine for another hour. then the same problem
> after 60 minutes.
Is this phase1 or phase2 rekey?
Tunnels should overlap during rekey, so there is no time when all tunnels
are down. So either the IPsec SA is expired before rekey is finished, or
the zyxcel is mistakenly dropping traffic.
But I would have to see some logs to be able to say more.
Paul
More information about the Users
mailing list