[Swan] V3.7 MacOS client problem

Sven Schiwek Tue, 17 Dec 2013 12:57:07 -0800

Hi,

I have a problem with the recent version of Mac OS and libreswan 2.7 (Kernel 
3.11).
After some time (approx. 2h) the VPN gets lost. Does anyone know what happened 
here?


Snippet  of ipsec config
----8<----
conn XL2TP
      leftprotoport=17/1701
      rightprotoport=17/%any
      right=%any
      rightsubnet=vhost:%priv,%no
      ike=aes256-md5-modp1536,aes256-md5-modp1024
      rekey=no
      forceencaps=yes
      dpdaction=clear
      auto=add
      dpddelay=30
      dpdtimeout=120
---->8----

Syslog message
----8<----
Dec 17 14:22:56 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #66: the peer 
proposed: 50.30.32.51/32:17/1701 -> 10.193.252.69/32:17/57729
Dec 17 14:22:56 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #66: 
NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 17 14:22:56 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #68: responding to 
Quick Mode proposal {msgid:241945ee}
Dec 17 14:22:56 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #68:     us: 
50.30.32.51<%eth1>:17/1701
Dec 17 14:22:56 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #68:   them: 
199.4.21.2[10.193.252.69]:17/57729===10.193.252.69/32
Dec 17 14:22:56 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #68: keeping 
refhim=63 during rekey
Dec 17 14:22:56 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #68: transition 
from state STATE_QUICK_R0 to state STATE_QUICK_R1
Dec 17 14:22:56 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #68: 
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Dec 17 14:22:56 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #66: ISAKMP SA 
expired (--dontrekey)
Dec 17 14:22:56 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #68: could not 
find phase 1 state for DPD
Dec 17 14:22:56 pm-kvm01 pluto[4133]: |   02 04 00 03  0b 00 00 00  e4 00 00 00 
 25 10 00 00
Dec 17 14:22:56 pm-kvm01 pluto[4133]: |   03 00 01 00  3d 9b 0a ad  00 01 00 00 
 00 00 00 00
Dec 17 14:22:56 pm-kvm01 pluto[4133]: |   00 00 00 00  00 00 00 00  03 00 05 00 
 00 00 00 00
Dec 17 14:22:56 pm-kvm01 pluto[4133]: |   02 00 e1 81  c7 04 15 02  00 00 00 00 
 00 00 00 00
Dec 17 14:22:56 pm-kvm01 pluto[4133]: |   03 00 06 00  00 00 00 00  02 00 06 a5 
 32 1e 20 33
Dec 17 14:22:56 pm-kvm01 pluto[4133]: |   00 00 00 00  00 00 00 00
Dec 17 14:23:04 pm-kvm01 pluto[4133]: "XL2TP"[19] 199.4.21.2 #67: DPD: could 
not find newest phase 1 state
---->8----

Thank you in advance
Sven
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan

[Swan] V3.7 MacOS client problem

Reply via email to