This is interesting:
Oct 8 04:01:39.330238: "ikev2"[2] 124.77.25.186 #17: proposal
1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from
remote proposals
1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Seems the issue persists. One interesting observation was that the
connection works for a while on the new instance before the same issue
finally kicks in.
The issue occurs after around 3 - 7 rekeys, each rekey is default to 480
seconds for iOS clients, which means the connection works for about
Thanks Paul, will double check and circle back.
On Sat, Oct 8, 2022 at 00:06 Paul Wouters wrote:
> On Fri, 7 Oct 2022, Tielong Su wrote:
>
> > Hello libreswan community,
> > I am experiencing some SA retransmission issues for my IKEv2 connection.
> The connection had been stable and worked
On Fri, 7 Oct 2022, Tielong Su wrote:
Hello libreswan community,
I am experiencing some SA retransmission issues for my IKEv2 connection. The
connection had been stable and worked pretty well until recently.
From the pluto logs it seems the IPSec tunnel was successfully established but
at
Hello libreswan community,
I am experiencing some SA retransmission issues for my IKEv2 connection.
The connection had been stable and worked pretty well until recently.
>From the pluto logs it seems the IPSec tunnel was successfully established
but at the same time the pluto daemon is