[Openswan Users] windows client cannot rekey
m4fisher at gmail.com
Thu Jun 24 04:19:52 EDT 2010
Hmm, feels like I'm talking to myself but it seems I was able to solve
the rekey problem.
Or to be more specific, Paul solved it in 2.6.27 with the
ALLOW_MICROSOFT_BAD_PROPOSAL patch for nat (I think)
Changing "rekey" to "yes" now works, before 2.6.27 it got stuck on the
With rekey=yes I simply get
"Allowing questionable proposal anyway [ALLOW_MICROSOFT_BAD_PROPOSAL]"
and the connection survives the rekey process.
The rekey now seems to take place every 45 minutes instead of 60, but as
long as it works, that shouldn't be a problem. Connections seem to be
replaced correctly so the kernel shouldn't crash now ;)
log here: http://ioudas.net/openswanworks.txt
The question is: Is this how it's supposed to work? Is there someone who
is able to let XP client rekey and not get the connection dropped?
More information about the Users