[Openswan Users] Tunnel hangs

Paul Wouters paul at xelerance.com
Thu Nov 3 09:36:13 EDT 2011

On Wed, 2 Nov 2011, Greg Scott wrote:

> I have a couple of tunnels that continue to hang.  Here are details on one that gave me trouble today.  The right side is a central site running U2.6.19 on Fedora 9.  The left side is remote, running U2.6.36 on Fedora 15.  This tunnel went offline today for no apparent
> reason.  The name of the tunnel with the problem is Superior-Everywhere.  Here is an extract from /var/log/secure on the left side.  The right side includes a few other tunnels and all of those are fine.  It’s only the newer ipsec versions that give me trouble. 

You should first upgrade that openswan 2.6.19 release. If the problem remains, then let's have a look.

The "initiate" messages are a little worrying, do you have dynamic tunnels or OE configured?
The netlink add_sa failure is also not good, but netkey does not really give you any debug
info, so it is hard to say what's going on there.


More information about the Users mailing list