[Swan] Tunnels coming establishing and dropping quickly
Madden, Joe
Joe.Madden at mottmac.com
Thu May 18 15:45:17 UTC 2017
Hi Paul,
Thanks for the Info
We kind of got it working by changing the configuration so we have three connections which each run their own subnet.
This works although on occasion it does tend to open up two tunnels - One for Incoming traffic and one for Outgoing?!
Anyways - Its working now - I'll do I might end up moving it to a cisco - Or convincing the Third party to move to LibreSwan!
Thanks
Joe.
-----Original Message-----
From: Paul Wouters [mailto:paul at nohats.ca]
Sent: 18 May 2017 16:30
To: Madden, Joe <Joe.Madden at mottmac.com>
Cc: swan at lists.libreswan.org
Subject: RE: [Swan] Tunnels coming establishing and dropping quickly
On Thu, 18 May 2017, Madden, Joe wrote:
> We ended up narrowing it down to a configuration where leftsubnets is
> used with more than one subnet - Libreswan and Strongswan doesn't like
> it
Likely because strongswan uses/expects CREATE_CHILD_SA and libreswan is using individual IKE SA's.
Your best bet is to wait for 3.21 to be released. Or try one of the release candidates we are trying to get out this/next week.
(or git master)
Paul
More information about the Swan
mailing list