Hi, > activating IKE_REKEY task > initiating IKE_SA rw-win-7[4] to 82.147.51.146 > received DELETE for IKE_SA rw-win-7[3]
Your log level configuration doesn't show any messages, but it seems that Windows is not happy about the rekeying and deletes the SA. > I also tried with and without reauth and it did not change the results. Reauth is not possible, it can't be initiated by the gateway (as we are using EAP) and Windows does not support the reauthentication lifetime extension. > conn rw-win-7 > leftsubnet=0.0.0.0/0 > right=%any > rightsourceip=10.0.1.0/24 > rightid="[...]" > auto=add > esp=aes256-sha1 > ikelifetime=90m > reauth=no I don't see an ike= proposal definition, strongSwan will default to modp2048. Windows does not support that, try it with modp1024. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
