[strongSwan] Two connections to the same endpoint

bnets and will make the traffic selector different to avoid problems. But, I'm not sure, because the second one is included in the first one and may be the problem is the same. Will that work? Regards, Diego -- Diego Woitasen ___ Users

Re: [strongSwan] Packet loss on rekeying

ou try the same test with ikeliftime=10min (lifetime=30s) and > verify this is the issue. > > If you use IKEv2 and reauth=no then you may avoid this problem. > > > On Mon, 2012-09-17 at 17:23 -0300, Diego Woitasen wrote: >> Hi, >> I'm testing my Strongswan install

Re: [strongSwan] Packet loss on rekeying

On Mon, Sep 17, 2012 at 5:23 PM, Diego Woitasen wrote: > Hi, > I'm testing my Strongswan installation and I discover that I have > packet loss on rekeying. I set this values to reproduce the problem: > > ikelifetime=60s > lifetime=30s > rekeymargin=20s > rekeyfuzz=

[strongSwan] Packet loss on rekeying

s, Diego -- Diego Woitasen ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users

[strongSwan] deleting IKE_SA: what's the reason?

I have DPD enabled but I don't see the message "giving up..." and I don't see the message "received stroke..." about the connection lost and I don't see the rekeying messages. Is there an aditional way to discover why Charon is deleting

[strongSwan] leftid in "non-default conn" ignored

MPLS-site1: child: 10.0.0.0/8 === 10.12.160.254/32 , dpdaction=clear If I move leftid to "%default", statusall is: LabMPLS-site1: local: [site1.example.com] uses public key authentication Is this intentional or is it a bug? I was trying to use differents leftids for each connecti

Re: [strongSwan] Charon doesn't set the routes

ile installing the policy > and later when installing the route and checking the mode it's not the > original mode that is compared.  Please update to at least 4.5.0 to fix this. > > Regards, > Tobias > > Yes, you are right. The bug was fixed in Openswan 4.5.2 from Debi

Re: [strongSwan] establish secure connection without ike

Thanks for your guidance > On Sat, Oct 1, 2011 at 10:33 PM, Diego Woitasen > wrote: >> >> On Sat, Oct 1, 2011 at 2:30 PM, nima chavooshi wrote: >> > hi >> > first of all excuse me for dummy question. >> > When I started to reading about IPSsec, i have

Re: [strongSwan] establish secure connection without ike

___ > Users mailing list > Users@lists.strongswan.org > https://lists.strongswan.org/mailman/listinfo/users > Yes, it's possible. Not a good idea but possible. Have a look to the "ip xfrm" command o use ipsec-to

Re: [strongSwan] Charon doesn't set the routes

On Fri, Sep 30, 2011 at 1:52 PM, Diego Woitasen wrote: > On Fri, Sep 30, 2011 at 8:12 AM, Diego Woitasen wrote: >> Hi, >>  I have the configure below. I don't know why Charon doesn't set the >> routes after SA establishment. It's a net-to-net tunnel and wor

Re: [strongSwan] Charon doesn't set the routes

On Fri, Sep 30, 2011 at 8:12 AM, Diego Woitasen wrote: > Hi, >  I have the configure below. I don't know why Charon doesn't set the > routes after SA establishment. It's a net-to-net tunnel and works > perfectly for hosts behind the gateway but if I want to connect from

[strongSwan] Charon doesn't set the routes

:9e:7f:52 brd ff:ff:ff:ff:ff:f ip route show table 220: [empty] Regards, Diego -- Diego Woitasen ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users