[Swan-dev] IPsec rekey fron Libreswan not initiated
Balaji Thoguluva
tbbalaji at gmail.com
Wed Nov 25 19:05:27 UTC 2020
Yes I also saw that error message, not sure why it does not identify IKEv1
or IKEv2.
I thought ikev2=yes parameter says this is ikev2.
I am not sure if I will be able to move easily to the later version of
Libreswan.
Is there any workaround to get around this in 3.25 itelf?
Thanks,
Balaji
On Wed, Nov 25, 2020 at 12:01 PM Paul Wouters <paul at nohats.ca> wrote:
> On Wed, 25 Nov 2020, Balaji Thoguluva wrote:
>
> > Thanks Paul. Attached is the pluto log. Given below is the configuration.
>
> hmm, that is 3.25. Can you use 3.32 or later?
>
> This is weird:
>
> 2020-11-25T12:20:34.272611+00:00 [localhost] pluto[3575]: "radcert" #2:
> STATE_V2_IPSEC_I: IPsec SA established tunnel mode {ESP=>0xc0c0c1a6
> <0xcb4f58fa xfrm=AES_CBC_256-HMAC_SHA1_96 NATOA=none NATD=none DPD=active}
> 2020-11-25T12:21:07.262946+00:00 [localhost] pluto[3575]: "radcert" #2:
> Neither IKEv1 nor IKEv2 allowed: ENCRYPT+TUNNEL
> 2020-11-25T12:25:34.263093+00:00 [localhost] pluto[3575]: "radcert" #2:
> deleting state (STATE_V2_IPSEC_I) and sending notification
>
> Some how your connection is missing ikev1 and ikev2 ??
>
> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20201125/b3ef0082/attachment.html>
More information about the Swan-dev
mailing list