in the meantime I think, it's a bug in the shrew software: the client in some (unforeseeable) cases isn't able to bring up the tunnel.
I've spend this afternoon with trying different IPsec-configurations. Result - ipsec-tools with daemon racoon works fine - openswan with pluto daemon works fine - shrew client qikea with shrew daemon iked hangs during tunnel bringup multiple switching between these 3 configurations always yields the above result. But : after booting the laptop all three configurations work fine, the shrew-problem disappeared!!! The iked-log-file indicates a timeout when the problem occurs 13/08/27 17:54:01 -> : send IKE packet 192.168.179.20:500 -> 178.X.XX.XX:500 ( 540 bytes ) 13/08/27 17:54:01 DB : phase1 resend event scheduled ( ref count = 2 ) 13/08/27 17:54:11 -> : resend 1 phase1 packet(s) [0/2] 192.168.179.20:500-> 178.2.28.85:500 13/08/27 17:54:21 -> : resend 1 phase1 packet(s) [1/2] 192.168.179.20:500-> 178.2.28.85:500 13/08/27 17:54:31 -> : resend 1 phase1 packet(s) [2/2] 192.168.179.20:500-> 178.2.28.85:500 13/08/27 17:54:42 ii : resend limit exceeded for phase1 exchange 13/08/27 17:54:42 ii : phase1 removal before expire time 13/08/27 17:54:42 DB : phase1 deleted ( obj count = 0 ) But the peer side is obviously ok since it cooperates with racoon/openswan Does anybody know how to file a bug report in this case? I've found a description an the shre-homepage for collecting symptoms ut no link to send it. BR Hans-Peter
_______________________________________________ vpn-help mailing list [email protected] https://lists.shrew.net/mailman/listinfo/vpn-help
