[Openswan Users] windows client fails to rekey
Marc Fisher
m4fisher at gmail.com
Tue Jun 22 04:22:29 EDT 2010
Hello,
I've had this issue since I started using openswan. In short, the
windows client disconnect every 60 minutes, due to failed rekey process.
I'm simply using the windows "redial on disconnect" option to keep the
line up. I have to, however, restart ipsec every few days, because
openswan connections start to pile up to hundreds, and it actually
crashes the linux server after a while. I've been waiting for few new
releases before writing here, but since the problem presist in 2.6.27,
I'd really appreciate any advice into what is causing this. I'd also be
very interested to hear from someone who is not experiencing this issue
- his/her windows xp machine rekeys successfully.
This is how the connection drops after 60 minutes:
http://ioudas.net/openswanlog.txt
First I though the line
netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for
policy eroute_connection delete was too long: 100 > 36
was to blame, so I applied the patch from
https://gsoc.xelerance.com/issues/1120
It doesn't help unfortunately, now the process looks like this:
http://ioudas.net/openswanlog_afterpatch.txt
Is it normal that the client sends " Delete SA" during rekey? Is windows
messing up here?
My barf is here: http://ioudas.net/openswan_barf.txt
I'd really appreciate any ideas as to what might be causing it, even if
the idea doesn't include solution :)
Thanks,
Marc
More information about the Users
mailing list