Unfortunately, even this solution did not help:
https://learn.microsoft.com/en-us/security-updates/securityadvisories/2016/3174644
Still losing the connection and IPv4 ping after a couple of speedtests
from Ookla.
ms-dh-downgrade=yes appears to fix that, even without USE_DH2=true when
compiling ...
Hope this helps.
Mirsad
On 11/3/2022 8:17 PM, Mirsad Goran Todorovac wrote:
Hi, Tuomo,
Unfortunately, even with Windows 10 22H2 release, there is no progress
on ms-dh-downgrade problem.
The sessions die after a couple of runs of the Ookla speedtest.
Here are the session logs without and with ms-dh-downgrade:
https://domac.alu.hr/~mtodorov/tmp/ikev2-20221103-no-dh-downgrade-01.log
https://domac.alu.hr/~mtodorov/tmp/ikev2-20221103-with-dh-downgrade-04.log
Probably it is better to install Strongswan windows client than to
expect native client to be fixed?
(Maybe there is some additional tweak in registry needed?)
Thank you.
On 11/3/2022 5:04 PM, Mirsad Goran Todorovac wrote:
On 20.10.2022. 12:54, Tuomo Soini wrote:
ms-dh-downgrade=yes
This is not needed any more, Windows 10+ have been fixed to allow dh14
or dh19 without downgrade on rekey.
Unfortunately, my version of Windows 10 still breaks IPv4 VPN
connection under stress load (Ookla speedtest
repeated a couple of times).
Cheers.
--
Mirsad Todorovac
System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb
Republic of Croatia, the European Union
--
Sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
--
Mirsad Todorovac
Sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
--
System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
tel. +385 (0)1 3711 451
mob. +385 91 57 88 355
--
Mirsad Todorovac
Sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
--
System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
tel. +385 (0)1 3711 451
mob. +385 91 57 88 355
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
