[Swan-dev] Regression with IKEv1 XAUTH in current git

Paul Wouters paul at nohats.ca
Wed Feb 27 13:41:57 UTC 2019

On Wed, 27 Feb 2019, Tuomo Soini wrote:

> We had issue that IKEv1 XAUTH didn't work with other implementations.
> That issue was fixed by Paul as of
> 7b424f52fffa00d0cb114720c136139318a71142.
> But there is still an issue with DPD with XAUTH clients after this.
> After DPD timeout time libreswan just drops vpn connection.

Isn't that what DPD timeouts are for?

> with settings of dpddelay=30, dpdtimeout=120 road warrior is killed by
> DPD after a little more than two minutes.
> This is a release blocker for 3.28.

Can you more carefully explain the problem? :)


More information about the Swan-dev mailing list