Remote Access Client: StrongSwan v5.2.0 on Centos 6.6 VPN Server: StrongSwan v5.2.0 on Centos 6.6
Created an IPsec tunnel that was fairly long-lived, ~2 hours 5 minutes. The only application traffic was a periodic ping from the remote access client to a host inside the VPN, one per minute. Noticed the tunnel went down. Below is the log file around the time of the failure. DMN claims it received a critical signal. No idea how that happened as there was no interactive use of the system at the time. Is this crash of interest? Is there any other data I could retrieve? If I rerun the test, is there any other debugging to enable? Mar 6 01:51:14 ip-10-100-34-179 charon: 01[IKE] reauthenticating IKE_SA cazena-pdc[3] Mar 6 01:51:14 ip-10-100-34-179 charon: 01[IKE] deleting IKE_SA cazena-pdc[3] between 10.100.34.179[linux-test]...a.b.c.d[secgw.cz-dev.com<http://secgw.cz-dev.com>] Mar 6 01:51:14 ip-10-100-34-179 charon: 01[IKE] sending DELETE for IKE_SA cazena-pdc[3] Mar 6 01:51:14 ip-10-100-34-179 charon: 01[ENC] generating INFORMATIONAL request 5 [ D ] Mar 6 01:51:14 ip-10-100-34-179 charon: 01[NET] sending packet: from 10.100.34.179[4500] to a.b.c.d[4500] (76 bytes) Mar 6 01:51:14 ip-10-100-34-179 charon: 14[NET] received packet: from a.b.c.d[4500] to 10.100.34.179[4500] (76 bytes) Mar 6 01:51:14 ip-10-100-34-179 charon: 14[ENC] parsed INFORMATIONAL response 5 [ ] Mar 6 01:51:14 ip-10-100-34-179 charon: 14[IKE] IKE_SA deleted Mar 6 01:51:14 ip-10-100-34-179 vpn: - secgw.cz-dev.com<http://secgw.cz-dev.com> 10.8.64.0/23 == a.b.c.d -- 10.100.34.179 == 10.255.252.2/32 Mar 6 01:51:19 ip-10-100-34-179 charon: 14[IKE] installing new virtual IP 10.255.252.2 Mar 6 01:51:19 ip-10-100-34-179 charon: 14[IKE] restarting CHILD_SA cazena-pdc Mar 6 01:51:19 ip-10-100-34-179 charon: 14[IKE] initiating IKE_SA cazena-pdc[4] to a.b.c.d Mar 6 01:51:19 ip-10-100-34-179 charon: 14[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ] Mar 6 01:51:19 ip-10-100-34-179 charon: 14[NET] sending packet: from 10.100.34.179[500] to a.b.c.d[500] (1132 bytes) Mar 6 01:51:19 ip-10-100-34-179 charon: 14[IKE] removing DNS server 10.8.65.164 from /etc/resolv.conf Mar 6 01:51:19 ip-10-100-34-179 charon: 09[NET] received packet: from a.b.c.d[500] to 10.100.34.179[500] (465 bytes) Mar 6 01:51:19 ip-10-100-34-179 charon: 09[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ] Mar 6 01:51:19 ip-10-100-34-179 charon: 09[IKE] local host is behind NAT, sending keep alives Mar 6 01:51:19 ip-10-100-34-179 charon: 09[IKE] remote host is behind NAT Mar 6 01:51:19 ip-10-100-34-179 charon: 09[DMN] thread 9 received 11 Mar 6 01:51:19 ip-10-100-34-179 charon: 09[LIB] dumping 2 stack frame addresses: Mar 6 01:51:19 ip-10-100-34-179 charon: 09[LIB] /lib64/libpthread.so.0 @ 0x7fb8fd3ab000 [0x7fb8fd3ba710] Mar 6 01:51:19 ip-10-100-34-179 charon: 09[LIB] -> sigaction.c:0 Mar 6 01:51:19 ip-10-100-34-179 charon: 09[LIB] /lib64/libc.so.6 @ 0x7fb8fce13000 [0x7fb8fd1a2ed8] Mar 6 01:51:19 ip-10-100-34-179 charon: 09[LIB] -> interp.c:0 Mar 6 01:51:19 ip-10-100-34-179 charon: 09[DMN] killing ourself, received critical signal Mar 6 01:51:24 ip-10-100-34-179 charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.2.0, Linux 2.6.32-504.1.3.el6.x86_64, x86_64)
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
