to avoid
problems. But, I'm not sure, because the second one is included in the
first one and may be the problem is the same.
Will that work?
Regards,
Diego
--
Diego Woitasen
___
Users mailing list
Users@lists.strongswan.org
https
--
Diego Woitasen
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
On Mon, Sep 17, 2012 at 5:23 PM, Diego Woitasen di...@woitasen.com.ar wrote:
Hi,
I'm testing my Strongswan installation and I discover that I have
packet loss on rekeying. I set this values to reproduce the problem:
ikelifetime=60s
lifetime=30s
rekeymargin=20s
rekeyfuzz=0%
And every
suggest you try the same test with ikeliftime=10min (lifetime=30s) and
verify this is the issue.
If you use IKEv2 and reauth=no then you may avoid this problem.
On Mon, 2012-09-17 at 17:23 -0300, Diego Woitasen wrote:
Hi,
I'm testing my Strongswan installation and I discover that I have
enabled but I don't see the message giving up... and I don't see the
message received stroke... about the connection lost and I don't see
the rekeying messages.
Is there an aditional way to discover why Charon is deleting IKE SAs?
Regards,
Diego
--
Diego Woitasen
=== 10.12.160.254/32 , dpdaction=clear
If I move leftid to %default, statusall is:
LabMPLS-site1: local: [site1.example.com] uses public key authentication
Is this intentional or is it a bug?
I was trying to use differents leftids for each connection.
Regards,
Diego
--
Diego Woitasen
. Please update to at least 4.5.0 to fix this.
Regards,
Tobias
Yes, you are right. The bug was fixed in Openswan 4.5.2 from Debian backports.
Thanks!
--
Diego Woitasen
___
Users mailing list
Users@lists.strongswan.org
https
mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Yes, it's possible. Not a good idea but possible. Have a look to the
ip xfrm command o use ipsec-tools (and the setkey command).
Regards,
Diego
--
Diego Woitasen
guidance
On Sat, Oct 1, 2011 at 10:33 PM, Diego Woitasen di...@woitasen.com.ar
wrote:
On Sat, Oct 1, 2011 at 2:30 PM, nima chavooshi nima0...@gmail.com wrote:
hi
first of all excuse me for dummy question.
When I started to reading about IPSsec, i have understand that ike is
for
generate
On Fri, Sep 30, 2011 at 8:12 AM, Diego Woitasen di...@woitasen.com.ar wrote:
Hi,
I have the configure below. I don't know why Charon doesn't set the
routes after SA establishment. It's a net-to-net tunnel and works
perfectly for hosts behind the gateway but if I want to connect from
one
10 matches
Mail list logo