[Swan] Ipsec connections getting stale frequently
Paul Wouters
paul at nohats.ca
Tue Sep 21 18:06:20 UTC 2021
On Tue, 21 Sep 2021, Marideva SHM wrote:
> We have 45 active IPSec connections in our machine. Frequently we observe couple of ipsec connections getting stale. We have to
> restart the IPsec to get the connections back and working properly.
>
> Is there any solution or workaround for this issue? Please update, if any.
>
> Version : libreswan-3.25-1.el6_9.x86_64.
> Total IPsec connections: loaded 58, active 45
>
> 000 #2: "autotestvpn_1f5cc8/1x1":4500 STATE_MAIN_I4 (ISAKMP SA
> established); EVENT_SA_REPLACE in 2796s; newest ISAKMP; lastdpd=1s(seq
> in:0 out:0); idle; import:admin initiate 000 #15:
> "autotestvpn_1f5cc8/1x1":4500 STATE_QUICK_I2 (sent QI2, IPsec SA
> established); EVENT_SA_REPLACE in 41314s; newest IPSEC; eroute owner;
> isakmp#2; idle; import:admin initiate
This in itself does not show as a problem. You will have to dive into
the logs a bit more to see what is happening. Then we can look at a
solution or workaround or bugfix.
Paul
More information about the Swan
mailing list