[Swan] IKEv2 connection failure after ~1h
Paul Wouters
paul at nohats.ca
Tue Jun 21 15:18:09 UTC 2016
On Wed, 15 Jun 2016, Daniel J Blueman wrote:
> I find IKEv2 connections from a clean Windows 10 install to libreswan
> [1] git HEAD fail after just under an hour [2]. I left the client
> pinging an internal IP address on the server to avoid the connection
> being detected as idle.
>
> Before I capture debug logs with --debug-all, any configuration changes to try?
not that I can see.
> Jun 13 22:29:19: "remote"[2] 192.168.10.240 #2: STATE_PARENT_R2:
> received v2I2, PARENT SA established tunnel mode {ESP/NAT=>0xadeaf89e
> <0x46908922 xfrm=AES_256-HMAC_SHA1 NATOA=none NATD=192.168.10.240:4500
> DPD=active}
>
> Jun 13 23:25:05: | ikev2_child_sa_respond returned STF_FAIL with
> v2N_NO_PROPOSAL_CHOSEN
There seems to be a lot of logs, including non-debug logs, missing here.
We'd need to see those to see what's going wrong.
Paul
More information about the Swan
mailing list