Hi, I'm using strongSwan5.3.1 with Linux. I connected peer with ipsec.conf as attached. When I execute ping from my site(192.168.101.0/24) to peer site( 10.200.10.0/24), it works fine. Then "ipsec status" shows below:
--------------------------------
Routed Connections:
test-site{1}: ROUTED, TUNNEL, reqid 1
test-site{1}: 192.168.101.0/24 === 10.200.10.0/24
Security Associations (1 up, 0 connecting):
test-site[1]: ESTABLISHED 28 seconds ago,
192.168.101.75[AAA.BBB.85.30]...XXX.YYY.50.68[XXX.YYY.50.68]
test-site{2}: INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: ccdf13a6_i
8c5c115a_o
test-site{2}: 192.168.101.0/24 === 10.200.10.0/24
--------------------------------
After a few minutes later, our strongSwan received "DELETE for ESP
CHILD_SA" from peer. Then "ipsec status" shows below, and ping from our
site to peer site fails. I also attached strongswan.log around the
"DELETE". During the few minutes, only DPD packets are sent/rececived.
--------------------------------
Routed Connections:
test-site{1}: ROUTED, TUNNEL, reqid 1
test-site{1}: 192.168.101.0/24 === 10.200.10.0/24
Security Associations (1 up, 0 connecting):
test-site[1]: ESTABLISHED 6 minutes ago,
192.168.101.75[AAA.BBB.85.30]...XXX.YYY.50.68[XXX.YYY.50.68]
--------------------------------
I want to re-connect our site to peer site after that again.
1) Is there any connection parameters to avoid this issue ?
2) How can I re-connect sites automatically when I executing ping from our
site ?
thanks,
ipsec.conf
Description: Binary data
strongswan.log
Description: Binary data
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
