On 21 June 2016 at 23:18, Paul Wouters <[email protected]> wrote: > On Wed, 15 Jun 2016, Daniel J Blueman wrote: > >> I find IKEv2 connections from a clean Windows 10 install to libreswan >> [1] git HEAD fail after just under an hour [2]. I left the client >> pinging an internal IP address on the server to avoid the connection >> being detected as idle. >> >> Before I capture debug logs with --debug-all, any configuration changes to >> try? > > not that I can see. > >> Jun 13 22:29:19: "remote"[2] 192.168.10.240 #2: STATE_PARENT_R2: >> received v2I2, PARENT SA established tunnel mode {ESP/NAT=>0xadeaf89e >> <0x46908922 xfrm=AES_256-HMAC_SHA1 NATOA=none NATD=192.168.10.240:4500 >> DPD=active} >> >> Jun 13 23:25:05: | ikev2_child_sa_respond returned STF_FAIL with >> v2N_NO_PROPOSAL_CHOSEN > > > There seems to be a lot of logs, including non-debug logs, missing here. > We'd need to see those to see what's going wrong.
Using libreswan built from last night's git HEAD, the debug log output is at https://quora.org/pluto.log.xz . The windows client is connected at 10:56:07pm; ping replies fail after ~55 minutes and the connection drops ~8h after connected, at 7:01:03am. I can readily get further debug or test changes etc. Thanks! Daniel -- Daniel J Blueman _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
