[Openswan Users] no SA for saref=1
Alin Artiom Kenibasov
eu at artiom.ro
Wed Jan 26 10:12:55 EST 2011
Hello,
I have a tunnel between 2 networks, one end is OpenSWAN and another is a
cisco router. Tunnel is IKE+ESP VPN
The problem is that after some time of normal functioning tunnel dies (I
cannot ping other side). In OpenSWAN logs I can see this:
Jan 26 16:52:52 router user.info kernel:
klips_debug:ipsec_tunnel_neigh_setup:
Jan 26 16:52:53 router user.err kernel: KLIPS
klips_debug:ipsec_mast_start_xmit: mast0: no SA for saref=1
Jan 26 16:52:54 router user.info kernel:
klips_debug:ipsec_tunnel_neigh_setup:
Can anybody say what is the problem?
Thank you.
root at router:~# ipsec --version
Linux Openswan 2.6.28 (klips)
root at router:~# uname -a
Linux router 2.6.32.16
My ipsec.conf is:
config setup
klipsdebug="all"
plutodebug="all"
protostack=auto
conn vodafone
type=tunnel
left=x.x.x.x
leftsubnet=y.y.y.y/32
right=a.a.a.a
authby=secret
keyexchange=ike
ike=aes128-sha1-modp1024
ikelifetime=86400s
auth=esp
esp=aes128-sha1
pfs=yes
auto=start
conn vodafont_sub1
rightsubnet=b.b.b.0/24
also=vodafone
---
With best regards, Artiom Alin Kenibasov
Si vis pacem para belum
<eu at artiom.ro>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110126/190273f5/attachment.html
More information about the Users
mailing list