that the remote station is no
longer responding or am I wrong?
Kind regards
René
On 21.10.2022 Rene Maurer wrote:
Hi Noel
Thank you very much.
With IKEv2 the global ikev2 timeouts are used.
See https://docs.strongswan.org/docs/6.0/config/retransmission.htm
Ok. Does this mean that dpddelay
/docs/6.0/config/retransmission.html for details
Kind regards
Noel Kuntze
On 20.10.22 10:45, Rene Maurer wrote:
Hello
We are using strongSwan U5.4.0/K4.4.107 (embedded device) and making an ipec
connection to a remote CISCO system.
From time to time we see the following behavior (tunnel seams
Hello
We are using strongSwan U5.4.0/K4.4.107 (embedded device) and making an ipec
connection to a remote CISCO system.
From time to time we see the following behavior (tunnel seams to stop working):
Oct 20 09:32:33 EGV
On 10.10.2022 Noel Kuntze wrote:
Please provide the output of `ipsec statusall` as well as `ip x p`. Also, what
are your firewall rules (iptables-save, nft list ruleset).
On 10.10.22 15:44, Rene Maurer wrote:
I am looking for a way to access the devices connected to eth0 also locally
On 10.10.2022 Michael Schwartzkopff wrote:
On 10.10.22 15:44, Rene Maurer wrote:
Hi
I am using strongSwan U5.4.0/K4.4.107 (embedded device).
The ipsec tunnel is established over a mobile network and it works fine.
Additionally I have an Ethernet interface eth0 with the address 10.162.110.161
Hi
I am using strongSwan U5.4.0/K4.4.107 (embedded device).
The ipsec tunnel is established over a mobile network and it works fine.
Additionally I have an Ethernet interface eth0 with the address 10.162.110.161.
eth0 is connected to 10.162.110.165.
I am looking for a way to access the
Done, so I answer to myself.
rm...@mailc.net wrote:
But I get an AUTHENTICATION_FAILED notify error.
Changing left id from
leftid="C=**, ST=**, L=***, O=***, OU=***, CN=***, E=***"
to a very simple level
leftid=CN-part (e.g. leftid=abc.xxx.ch)
solved the problem (it was additionally
Hello
I am trying to connect to a Cisco VPN Terminator. Unfortunately I do not have
access to this point.
I have obtained certificate and key and entered them in /etc/ipsec.d/certs,
/etc/ipsec.d/cacerts and /etc/ipsec.d/private.
But I get an AUTHENTICATION_FAILED notify error.
I don't know
Hello Noel
> set net.ipv4.ip_no_pmtu_disc=1
Doesn't help.
> Try to enable IKE fragmentation, if you can, by setting "fragmentation=yes".
> That will enable fragmentation if the remote peer supports it.
Fragmentation isn't supported by the peer AFAIK.
> The problem is that the message gets
Hello
I have strongSwan 5.3.0 installed on a embedded Linux system with
Kernel 3.14.43.
The embedded system has three network interfaces:
1. eth0 => connected to my local network (10.4.48.0/20).
2. eth1 => connected to the Ethernet (DHCP) if cable plugged in.
3. ppp0 => connected to the Ethernet
Hello Noel
On 27.04.2017 15:12, Noel Kuntze wrote:
> On 27.04.2017 14:12, Rene Maurer wrote:
>> Unfortunately the problem is still pending.
> Obviously the remote peer does not respond to the request.
Finally I have the tunnel up.
ipsec status
Routed Connections:
home
Hello Noel
Noel Kuntze wrote:
>> But when I look at the log on my site together with
>> "tcpdump -i ppp0", I have the impression that ikev2_auth
>> is sent (once).
>
> This looks good. Check if that packet makes it there. Some IKE implementations
> just drop all
(Sorry email again with fixed from-address)
Hello Noel
Noel Kuntze wrote:
>> But when I look at the log on my site together with
>> "tcpdump -i ppp0", I have the impression that ikev2_auth
>> is sent (once).
>
> This looks good. Check if that packet makes it there.
Hello Noel
Noel Kuntze wrote :
> (I'm answering this from my original email account now.)
And I see your email now in my email account.
>> But when I look at the log on my site together with
>> "tcpdump -i ppp0", I have the impression that ikev2_auth
>> is sent (once).
Hello
I am new to strongSwan and I try to establish a connection between an
embedded Linux box (using Linux strongSwan U5.3.0/K3.14.43) and a MOXA
switch located on remote site.
On the embedded Linux box I have two interfaces:
ppp0 connects to the internet (using GPRS).
eth0 (10.4.48.1) connects
15 matches
Mail list logo