[Openswan Users] Phase 1 hangs

Paul Wouters paul at xelerance.com
Thu Aug 12 12:36:29 EDT 2010

On Thu, 12 Aug 2010, Erich Titl wrote:

> I have an OpenSwan installation with roughly 100 tunnels going. The
> clients use certificates for authentication.
> Trying to ad another client using the same software and comparable
> configuration gets a hang on Phase 1

> 000        pubkey:   2048 RSA Key AwEAAcehC, has private key

Do your other clients use a 2048 bit RSA key as well? That definitely causes
IKE fragmentation, as such a big key won't fit in a single IKE packet.


More information about the Users mailing list