[Openswan Users] rekey=no && cannot install eroute
Michael.Karlinsky at tieto.com
Michael.Karlinsky at tieto.com
Fri Mar 12 07:04:11 EST 2010
Hi all,
we have the following problem(s).
We have a DUT (device under test) which has a known bug regarding IPSec rekeying, if initiated by OpenSwan. So we thought about using "rekey=no" in OpenSwan as a workaround.
1) We expect OpenSwan to never initiate rekeying. But OpenSwan will do rekeying, if asked to. Is this assumtion correct?
2) Every time the DUT tries to initiate rekeying, we get the following message:
Mar 3 14:49:21 ipsectest pluto[19759]: "vpnk"[5] 172.30.64.140 #5: cannot install eroute -- it is in use for "vpnk"[4] 172.30.64.140 #4
Any idea what is going wrong?
Kind Regards,
Michael
PS: ipsec.conf and logfile as attachement
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20100312/5cc075c5/attachment.html
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: log.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20100312/5cc075c5/attachment.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipsec.conf
Type: application/octet-stream
Size: 2055 bytes
Desc: ipsec.conf
Url : http://lists.openswan.org/pipermail/users/attachments/20100312/5cc075c5/attachment.obj
More information about the Users
mailing list