Hello, I see errors like "unable to reauthenticate IKE_SA, no CHILD_SA to recreate" and "initiator did not reauthenticate as requested" in the log. I've attached the log and the ipsec.conf to this mail. The peer has the same timeout values configured. Peer is a Fortinet device. I talked to ecdsa on the IRC channel and he mentioned something about the strongswan letting a previous IKE SA time out after creating a new one.
He also suggested that I set uniqueness=never after getting "deleting duplicate IKE_SA for peer 'xx.xx.xx.13' due to uniqueness policy" error and tunnel going down. Since then tunnel has not gone down but I see the above mentioned errors/warnings in the logs. Can someone help me understand what's going on and if there's anything that I need to change in my config. Thanks, Arun G Nair -- ::: Keep Smiling :::
ipsec.conf
Description: Binary data
log
Description: Binary data
status
Description: Binary data
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
