[Swan] How to configure LibreSwan to auto-restart IPSec-tunnel when it go down?
Paul Wouters
paul at nohats.ca
Mon Mar 18 10:12:54 UTC 2019
On Mon, 18 Mar 2019, yuryb wrote:
> Unfortunately I have not access to the other side's log. But as can be seen from the logs, the
> disconnection occurs during the restart of my router. At 6:00 am, the router initiates a reboot, and at
> 6:02 am, in the logs of Pluto, the entries "deleting state" appear. But why is Pluto not trying to
> reconnect?
>
> Mar 16 05:40:53 centos pluto[4644]: "vpn-uz" #22: STATE_QUICK_I2: sent QI2, IPsec SA established
> transport mode {ESP/NAT=>0x5ab0104b <0x80f9a355 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none
> NATD=195.149.70.70:4500 DPD=active}
> Mar 16 06:02:16 centos pluto[4644]: "vpn-uz" #21: IKEv1 DPD: action - clearing connection kind
> CK_PERMANENT
> Mar 16 06:02:16 centos pluto[4644]: "vpn-uz" #22: deleting state (STATE_QUICK_I2) and sending
> notification
> Mar 16 06:02:16 centos pluto[4644]: "vpn-uz" #22: ESP traffic information: in=7KB out=6KB
> Mar 16 06:02:16 centos pluto[4644]: "vpn-uz" #21: deleting state (STATE_MAIN_I4) and sending
> notification
> Mar 18 09:58:35 centos pluto[4644]: "vpn-uz" #23: initiating Main Mode
This initiating Main Mode is your end "restarting". So if that is not
succeeding something is wrong. Perhaps no network yet?
Paul
More information about the Swan
mailing list