<div dir="ltr"><span style="font-size:12.8px">I am connecting to a libreswan vpn server using an iphone.</span><div style="font-size:12.8px">After about an hour the internet disconnects, although the vpn icon seems connected.</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">ipsec.conf:</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px"><span style="font-size:12.8px">config setup</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">  protostack=netkey</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">  virtual_private=%v4:</span><a href="http://10.0.0.0/8,%v4:192.168.0.0/16,%v4:172" rel="noreferrer" target="_blank" style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px">10.0.0.0/8<wbr>,%v4:192.168.0.0/16,%v4:172</a><span style="font-size:12.8px">.</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">16.0.0/12,%v4:</span><a href="http://25.0.0.0/8,%v4:!10.231.247.0/24,%v4:!10.231.246.0/24" rel="noreferrer" target="_blank" style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px">25.0.0.0/8,%v4:!<wbr>10.231.247.0/24,%v4:!10.231.24<wbr>6.0/24</a><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">  uniqueids=no</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">  plutostderrlog=/var/log/</span><span style="font-size:12.8px">opensw<wbr>an.log</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">conn xauth-psk</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    authby=secret</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    pfs=no</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    auto=add</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    rekey=no</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    left=%defaultroute</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    leftsubnet=</span><a href="http://0.0.0.0/0" rel="noreferrer" target="_blank" style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px">0.0.0.0/0</a><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    rightaddresspool=10.231.247.</span><span style="font-size:12.8px">10<wbr>-10.231.247.254</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    right=%any</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    cisco-unity=yes</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    modecfgdns1=172.31.35.239</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    leftxauthserver=yes</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    rightxauthclient=yes</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    leftmodecfgserver=yes</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    rightmodecfgclient=yes</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    modecfgpull=yes</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    xauthby=file</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    ike-frag=yes</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">    ikev2=never</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">iphone config:</span></div><div style="font-size:12.8px"><span style="font-size:12.8px"> Alma Secure VPN to setup the vpn connection on my iphone. "Connect</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">On Demand" is set.</span></div><div style="font-size:12.8px"><br></div><div><span style="font-size:12.8px">I connect just fine, and am able to surf for about an hour, at which point</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">the vpn connection seems to be on, but no internet traffic is going through.</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">After about 20 minutes internet connection is renewed. This scenario is</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">repeatable.</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px"><a href="http://pastebin.com/aUKEjcGR">http://pastebin.com/aUKEjcGR</a> contains the libreswan log file detailing the activity during the</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">internet disconnect and reconnect. The log file has been greatly reduced.</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">Disconnection occured at ~09:12:08, and reconnection at ~09:31:45. The</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">obfuscated ip is aaa.bbb.ccc.ddd. The user is 'user1'.</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">Please let me know if I needed to add information.</span><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><br style="font-family:roboto,"helvetica neue",helvetica,arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px">Thanks,</span></div></div>