[Openswan Users] Phase 1 hangs
paul at xelerance.com
Thu Aug 12 12:36:29 EDT 2010
On Thu, 12 Aug 2010, Erich Titl wrote:
> I have an OpenSwan installation with roughly 100 tunnels going. The
> clients use certificates for authentication.
> Trying to ad another client using the same software and comparable
> configuration gets a hang on Phase 1
> 000 pubkey: 2048 RSA Key AwEAAcehC, has private key
Do your other clients use a 2048 bit RSA key as well? That definitely causes
IKE fragmentation, as such a big key won't fit in a single IKE packet.
More information about the Users