Hi Noel, Thanks you , i see that I am using OpenSSL. I will email them on this issue. However, it would be great if we get a vici error notification saying SPI allocation failed so that I can tack some prevent action based on the message.
random-gen: RNG_WEAK[openssl] Thanks, Naveen On Fri, Jan 3, 2020 at 10:23 AM Noel Kuntze <noel.kuntze+strongswan-users-ml@thermi.consulting> wrote: > Hello Naveen, > > That means the RNG (RNG_WEAK type) that is provided by whatever plugin > didn't return an SPI but a failure instead. > Check what plugin provides RNG_WEAK on your system (ipsec stroke listalgs > or swanctl --list-algs) and check how that could occur. > Maybe file a bug with the project that maintains the library or something. > It's up to you. > > Kind regards > > Noel > > Am 03.01.20 um 02:52 schrieb Naveen Neelakanta: > > Hi Noel and Tobias, > > > > I saw my session was down and see the below message in strongswan logs > saying SPI allocation had failed, after restarting Charon, the session came > up. I was running as root. I believe the session was flapping if that is > the reason for the below message or are there other reasons for this. how > can I recover from this situation?, I am using a vici interface to bring up > the tunnel, I did not get any message saying spi allocating failed via a > vici error message. > > > > [MGR] failed to allocate SPI for new IKE_SA > > > > Thanks, > > Naveen > >