[Openswan Users] Limite Number en phase2
Paul Wouters
paul at xelerance.com
Tue Oct 4 09:46:39 EDT 2011
On Tue, 4 Oct 2011, SCHNEIDER Benoit wrote:
>
> In my log jute when the cpu usage increace I found this:
>
> Oct 3 15:05:42 srv-vpn1 pluto[19667]: "vpn-name1" #180426: max number of retransmissions (2) reached STATE_QUICK_I1
> Oct 3 15:05:42 srv-vpn1 pluto[19667]: "vpn-name1" #180426: starting keying attempt 8 of an unlimited number
Why is the other end rejecting your rekey attempt?
A work around could be rekey=no and let the other end decide when it wants to rekey.
> Oct 3 15:05:42 srv-vpn1 pluto[19667]: "vpn-name1" #191641: initiating Quick Mode PSK+ENCRYPT+TUNNEL+IKEv2ALLOW to
> replace #180498 {using isakmp#101770 msgid:a6efd1fc proposal=NULL(11)_000-MD5(1)_128 pfsgroup=no-pfs}
> Oct 3 15:05:42 srv-vpn1 pluto[19667]: ERROR: "vpn-name1" #191641: recvmsg(,, MSG_ERRQUEUE) on eth1:0 failed in
> comm_handle. Errno 11: Resource temporarily unavailable
> Oct 3 15:05:42 srv-vpn1 pluto[19667]: ERROR: "vpn-name1" #191641: sendto on eth1:0 to 172.17.0.137:500 failed in
> quick_outI1. Errno 111: Connection refused
Here it even vanished completely? Or your network connectivity vanished.
Paul
More information about the Users
mailing list