[Openswan Users] L2TP/IPsec: Strange problems with rekey
ms at sys4.de
Mon Nov 24 09:03:23 EST 2014
we want to set up a OpenSWAN server in the data center and some Windows
L2TP/IPsec clients in remote location. In most of the cases it works, but some
clients behave very strange.
When the time for rekey comes they send out a Informationnal Message to delete
the current IPsec SA WITHOUT setting up a new phase 2 SA before. Of course
communication breaks down, the windows client recognizes it after one minute
and starts the complete Main Mode negotiation again.
tcpdump in the Windows machine shows that the Windows machine really does not
send out Quick IKE packets to negotiate new Phase 2 credentials.
Together with the customer I try to figure out what might be the differences
between a working and a failing Windows installation. But perhaps anybody on
the list did see this behaviour before and knows the cause of the problem.
Mit freundlichen Grüßen,
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64, +49 (162) 165 0044
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 230 bytes
Desc: This is a digitally signed message part.
More information about the Users