[Swan-dev] IPsec rekey fron Libreswan not initiated

Paul Wouters paul at nohats.ca
Wed Nov 25 17:00:56 UTC 2020


On Wed, 25 Nov 2020, Balaji Thoguluva wrote:

> Thanks Paul. Attached is the pluto log. Given below is the configuration.

hmm, that is 3.25. Can you use 3.32 or later?

This is weird:

2020-11-25T12:20:34.272611+00:00 [localhost] pluto[3575]: "radcert" #2: STATE_V2_IPSEC_I: IPsec SA established tunnel mode {ESP=>0xc0c0c1a6 <0xcb4f58fa xfrm=AES_CBC_256-HMAC_SHA1_96 NATOA=none NATD=none DPD=active}
2020-11-25T12:21:07.262946+00:00 [localhost] pluto[3575]: "radcert" #2: Neither IKEv1 nor IKEv2 allowed: ENCRYPT+TUNNEL
2020-11-25T12:25:34.263093+00:00 [localhost] pluto[3575]: "radcert" #2: deleting state (STATE_V2_IPSEC_I) and sending notification

Some how your connection is missing ikev1 and ikev2 ??

Paul


More information about the Swan-dev mailing list