Hi all.
IPSec reboots all the time. A message appears in the logs.
Dec 24 15:16:30 vpn pluto[6151]: EXPECTATION FAILED: "<profile_name_1>/0x1"[1] <ip remote host> #3: Message ID: IKE #3 responder.wip shold be -1, was 5 (initiator: .sent=-1 .recv=-1 .recv_frags=0 .wip=-1 .last_sent=253119.346423 .last_recv=253119.346423 responder: .sent=4 .recv=4 .recv_frags=0 .wip=5 .last_sent=253124.357841 .last_recv=253124.357841) (v2_msgid_start() +207 programs/pluto/ikev2_msgid.c)
Dec 24 15:16:30 vpn pluto[6151]: EXPECTATION FAILED: "<profile name_1>/0x1"[1] <ip remote host> #3: state already has outstanding crypto [(process_v2_CREATE_CHILD_SA_request() +1020 programs/pluto/ikev2_create_child_sa.c)] (process_v2_CREATE_CHILD_SA_request() +1020 programs/pluto/ikev2_create_child_sa.c)
Dec 24 15:16:30 vpn pluto[6151]: FATAL: ASSERTION FAILED: st->st_suspended_md == ((void *)0) (suspend_any_md_where() +1819 programs/pluto/state.c)
My config file
conn <profile_name>
authby=secret
pfs=yes
auto=add
rekey=yes
left=%defaultroute
leftid=<Left Public IP>
leftsubnet=<Left Private Network>
fragmentation=yes
encapsulation=auto
ikev2=yes
ipsec-interface=1
ike=aes256-sha2_256;dh14
phase2=esp
phase2alg=aes256-sha2_256;dh14
salifetime=24h
type=tunnel
ikelifetime=8h
narrowing=yes
conn <profile name_1>
also=<profile_name>
right=<Right Public IP>
rightid=<Right ID>
rightsubnets={<Right Private Network 1> <Right Private Network 2>}
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
