Hello Christoph, the only difference I'm seeing is that the peer side initiates the IKE_SA rekeying:
01/22/11 18:02:10 05[IKE] <1> 84.16.235.61 is initiating an IKE_SA but apparently the old IKE_SA is not that there are now two SAs. I don't know to which IKE_SA the existing CHILD_SA is now attached but Martin should know. Regards Andreas On 23.01.2011 17:59, Christoph Anton Mitterer wrote: > Hi > > I have two servers (with static IP and static connection), that have set > up an IPsec tunnel between them using charon. > > Always one server initiates the connection (auto=start) and the other > one adds it only (auto=add). > dpdaction is also restart on the first one, and rekey=yes and reauth=no > (as of the - still unsolved? - bug I've reported here > https://lists.strongswan.org/pipermail/users/2010-October/005343.html) > > All this happens on Debian sid. > > > Since I've upgraded to 4.5.0 (from 4.4.1) I now have the problem that > after some time (below a day), the connection aborts and is not > correctly restarted. > (I've attached some log messages.) > > When I do an ipsec restart, than the connection is created again > correctly. > > > Any ideas? (If you need further data, please ask.) > > > Thanks, > Chris. ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
