[Swan-dev] IPsec rekey fron Libreswan not initiated
Balaji Thoguluva
tbbalaji at gmail.com
Wed Nov 25 12:32:12 UTC 2020
Thanks Paul. Attached is the pluto log. Given below is the configuration.
conn radcert
ikev2=yes
left=10.196.175.174
leftsubnet=10.196.175.174/32
leftprotoport=17/1812
right=10.196.176.11
rightsubnet=10.196.176.11/32
rightprotoport=17/1812
auto=ondemand
ike=aes256-sha256;dh14
phase2=esp
phase2alg=aes256-sha1;modp2048
pfs=yes
authby=secret
type=tunnel
esn=no
rekey=yes
salifetime=300s
ikelifetime=3600s
dpddelay=30s
dpdtimeout=60s
dpdaction=restart
Thanks,
Balaji
On Tue, Nov 24, 2020 at 8:34 PM Paul Wouters <paul at nohats.ca> wrote:
> On Nov 24, 2020, at 18:02, Balaji Thoguluva <tbbalaji at gmail.com> wrote:
> >
> >
> > Hi Paul,
> >
> > Tried setting dpdaction=restart. Still the same behavior.
> >
> > Do you consider this as a defect. If yes, any idea when it will be fixed?
>
> We don’t have it confirmed as defect yet. This is a basic case that is
> automatically tested so something else must be going on.
>
> Can you share updated logs?
>
> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20201125/27c65055/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: auth.log
Type: application/octet-stream
Size: 66248 bytes
Desc: not available
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20201125/27c65055/attachment-0001.obj>
More information about the Swan-dev
mailing list