[Swan] Reconnecting to Libreswan using an iPhone

Dynastic Space dynasticspace at gmail.com
Sun Jan 29 06:12:56 UTC 2017


I am connecting to a libreswan vpn server using an iphone.
After about an hour the internet disconnects, although the vpn icon seems
connected.

ipsec.conf:

config setup
  protostack=netkey
  virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.
16.0.0/12,%v4:25.0.0.0/8,%v4:!10.231.247.0/24,%v4:!10.231.246.0/24
  uniqueids=no
  plutostderrlog=/var/log/openswan.log

conn xauth-psk
    authby=secret
    pfs=no
    auto=add
    rekey=no
    left=%defaultroute
    leftsubnet=0.0.0.0/0
    rightaddresspool=10.231.247.10-10.231.247.254
    right=%any
    cisco-unity=yes
    modecfgdns1=172.31.35.239
    leftxauthserver=yes
    rightxauthclient=yes
    leftmodecfgserver=yes
    rightmodecfgclient=yes
    modecfgpull=yes
    xauthby=file
    ike-frag=yes
    ikev2=never

iphone config:
 Alma Secure VPN to setup the vpn connection on my iphone. "Connect
On Demand" is set.

I connect just fine, and am able to surf for about an hour, at which point
the vpn connection seems to be on, but no internet traffic is going through.
After about 20 minutes internet connection is renewed. This scenario is
repeatable.

http://pastebin.com/aUKEjcGR contains the libreswan log file detailing the
activity during the
internet disconnect and reconnect. The log file has been greatly reduced.
Disconnection occured at ~09:12:08, and reconnection at ~09:31:45. The
obfuscated ip is aaa.bbb.ccc.ddd. The user is 'user1'.

Please let me know if I needed to add information.

Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20170129/bd90aa78/attachment.html>


More information about the Swan mailing list