Hi, we want to set up a OpenSWAN server in the data center and some Windows L2TP/IPsec clients in remote location. In most of the cases it works, but some clients behave very strange.
When the time for rekey comes they send out a Informationnal Message to delete the current IPsec SA WITHOUT setting up a new phase 2 SA before. Of course communication breaks down, the windows client recognizes it after one minute and starts the complete Main Mode negotiation again. tcpdump in the Windows machine shows that the Windows machine really does not send out Quick IKE packets to negotiate new Phase 2 credentials. Together with the customer I try to figure out what might be the differences between a working and a failing Windows installation. But perhaps anybody on the list did see this behaviour before and knows the cause of the problem. Any hints? Setup: OpenSWAN on a plain Debian. Yes, I know this is the libreSWAN list, but since it seems to be a Windows problem, perhaps somebody has seen it already. Mit freundlichen Grüßen, Michael Schwartzkopff -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64, +49 (162) 165 0044 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
