[Openswan Users] max number of retransmissions (2) - interop with fortigate
Jason Sigurdur
jason.sigurdur at aspenview.org
Tue Jul 20 11:33:09 EDT 2010
Hi, I am replacing our old fedoracore 5 with fortigate 80c devices. So far I have 1 fortigate device with 5 tunnels up (13 total).
We are using transport mode.
>From the logs I noticed a lot of ' max number of retransmissions (2) reached STATE_QUICK_I1' . The tunnels work fine, and come up quick, but one thing that I did notice was that after about 20 days pluto/ipsec freezes/stops working?
Any suggestions appreciated.
jason
2.6.20-1.2320.fc5 - openswan-2.4.4-1.1.2.1
initiating Quick Mode PSK+ENCRYPT+PFS to replace #171141 {using isakmp#170817}
Jul 20 09:24:38 GW13 pluto[7962]: "ipsec1013" #171142: max number of retransmissions (2) reached STATE_QUICK_I1
Jul 20 09:24:38 GW13 pluto[7962]: "ipsec1013" #171142: starting keying attempt 340 of an unlimited number
Jul 20 09:24:38 GW13 pluto[7962]: "ipsec1013" #171152: initiating Quick Mode PSK+ENCRYPT+PFS to replace #171142 {using isakmp#170817}
Jul 20 09:24:42 GW13 pluto[7962]: "ipsec1013" #171143: max number of retransmissions (2) reached STATE_QUICK_I1
Jul 20 09:24:42 GW13 pluto[7962]: "ipsec1013" #171143: starting keying attempt 188 of an unlimited number
Jul 20 09:24:42 GW13 pluto[7962]: "ipsec1013" #171153: initiating Quick Mode PSK+ENCRYPT+PFS to replace #171143 {using isakmp#170817}
Jul 20 09:24:45 GW13 pluto[7962]: "ipsec1013" #171144: max number of retransmissions (2) reached STATE_QUICK_I1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20100720/15b53e43/attachment.html
More information about the Users
mailing list