Hello Noel Noel Kuntze <n...@familie-kuntze.de> wrote :
> (I'm answering this from my original email account now.) And I see your email now in my email account. >> But when I look at the log on my site together with >> "tcpdump -i ppp0", I have the impression that ikev2_auth >> is sent (once). > > This looks good. Check if that packet makes it there. Some IKE implementations > just drop all packets from other peers when authentication fails and report a > local > error instead of sending a noficication back. Ok. Meanwhile I have looked at the time stamps and IMHO they are a little bit strange: >> Apr 25 16:32:28 daemon.info syslog: 05[NET] sending packet: from >> 10.64.33.100[4500] to xxx.137.25.195[4500] (1120 bytes) >> 16:32:32.802620 IP 10.64.33.100.4500 > xxx.137.25.195.4500: NONESP-encap: >> isakmp: child_sa ikev2_auth[I] >> Apr 25 16:32:32 daemon.info syslog: 03[IKE] retransmit 1 of request with >> message ID 1 strongSwan[NET] is sending the package 16:32:28. The package is visible on ppp0 16:32:32. 4 seconds... this seams to be charons retransmit_timeout (which we can see as well). Is there an explanation for this behavior? Kind regards, René _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users