[Swan] IPsec tunnel ping succeeds only initially

Matteo Centonza matteo at metatype.it
Sun Feb 24 20:06:43 UTC 2019


On Thu, 14 Feb 2019 Paul Wouters <paul at nohats.ca> wrote:

> On Thu, 14 Feb 2019, Matteo Centonza wrote:
>
> > I'm trying to establish a stable IPsec tunnel between an AWS VPC and my
> > home lab.
> >
> > I've configured a CentOS 7.6 machine with libreswan-3.25.4-1 in EC2 and
> > I'm using a Vodafone modem as client (total blackbox).
> >
> > IPsec tunnel starts just fine, but often ping times out after first
> > successful packet and I need to restart connection. I've tried to play
> > with several options (including MTU changes) but without luck.
> >
> > Does this ring any bell?
>
> No, that sounds odd. Check the logs to see if the tunnel is continuously
> restarted or if the pluto daemon is crashing on either end.
>

Just for posterity, the problem was likely caused by the Vodafone modem (Vodafone
Station Revolution hhg2500, firmware revision 5.4.8.1.327.1.12.1.7).
Unfortunately there's no way to access tunnel logs to confirm.

By swapping with a CentOS box with libreswan, the tunnel works like a charm.

Thanks for your help,

-m