Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 1018 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Pluto is dying over and over again (7.005)

cybermagic
Hi,

I just upgraded from V6 to V7.005. Since then I am not able to get my VPN connection to a Lancom Router back running. The VPN tunnel starts and is up for several seconds and then this happens:

[SIZE="2"]2007:07:13-16:49:07 (none) pluto[19339]: "S_Kevelaer_0" #2: responding to Main Mode
2007:07:13-16:49:07 (none) pluto[19339]: "S_Kevelaer_0" #2: Peer ID is ID_IPV4_ADDR: '217.86.147.147'
2007:07:13-16:49:07 (none) pluto[19339]: "S_Kevelaer_0" #2: sent MR3, ISAKMP SA established
2007:07:13-16:49:07 (none) pluto[19339]: "S_Kevelaer_0" #3: responding to Quick Mode
2007:07:13-16:49:07 (none) pluto[19339]: "S_Kevelaer_0" #3: Dead Peer Detection (RFC 3706) enabled
2007:07:13-16:49:07 (none) pluto[19339]: "S_Kevelaer_0" #3: IPsec SA established {ESP=>0x6602091b [/SIZE]

How can I stop Pluto from dying - or has anyone a working VPN configuration between ASG7 and a Lancom Router?

Thanks & many greetings
Dominique


This thread was automatically locked due to age.
Parents
  • 0
    we found this issue has to do with nat-traversal.

    one way to stop this is to write "nat_traversal=no" into the file /var/chroot-ipsec/etc/ipsec.conf AND ipsec.conf-default manually.

    nevertheless, what version of lancom-router and what version of firmware are you using?
  • 0 in reply to MartinBurkard
    we found this issue has to do with nat-traversal.

    one way to stop this is to write "nat_traversal=no" into the file /var/chroot-ipsec/etc/ipsec.conf AND ipsec.conf-default manually.

    nevertheless, what version of lancom-router and what version of firmware are you using?


    Thanks a lot for your help. It's a Lancom 1821 with Firmware 6.32.0021. You are right - the nat traversal seems to cause this. In my case it helped to enable it on the lancom side... strange...
Reply
  • 0 in reply to MartinBurkard
    we found this issue has to do with nat-traversal.

    one way to stop this is to write "nat_traversal=no" into the file /var/chroot-ipsec/etc/ipsec.conf AND ipsec.conf-default manually.

    nevertheless, what version of lancom-router and what version of firmware are you using?


    Thanks a lot for your help. It's a Lancom 1821 with Firmware 6.32.0021. You are right - the nat traversal seems to cause this. In my case it helped to enable it on the lancom side... strange...
Children
No Data
Cookie Information Banner