[Openswan Users] Openswan pluto causes connection drop after 10s with Android IPsec/L2TP clients
rene at mayrhofer.eu.org
Thu Sep 1 14:43:34 EDT 2011
On 01.09.2011 18:40, Paul Wouters wrote:
> On Thu, 1 Sep 2011, René Mayrhofer wrote:
>> It seems that openswan pluto is having problems with Android clients.
>> reproducible problem is that:
>> - The gateway is a fresh Debian Squeeze installation with backported
>> 2.6.35-1, strongswan 4.4.1-6, and xl2tpd 1.2.7+dfsg-1. Kernel is
>> 2.6.32-5 with and without SAref patch applied.
>> - Android 2.3.4 can, with the built-in IPsec/L2TP client - configured
>> "normally" via the settings GUI with either PSK or X.509 certificates
>> - connect
>> to an openswan/strongswan gateway with xl2tpd.
> You should use rightprotoport=17/%any
> Strongswan might have a different interpretation from Openswan on the
> meaning of 17/0
As far as I am aware, %any translates to 0.
> The ppp logs show the android phone is deciding to hang up. Can you
> see its logs
> on why it is doing that?
According to the logs, yes. However, it seems unlikely that the Android
client is behaving differently when connecting to openswan (as opposed
to strongswan). Unfortunately, I have not yet found any detailed logs of
the embedded racoon and therefore can't debug from the client side.
More information about the Users