Join Log in
Score:0
avatar Server

StrongSwan Not Keeping Connection Alive

jp flag
Daniel M.

We have a virtual linux VPN using StrongSwan to integrate some REST API services.

Our VPN works perfectly, however after some time it looses the tunnel connection and goes down. We need to manually enter to the server via SSH and run ipsec restart.

Here's the config file /etc/ipsec.conf:

config setup
        charondebug="all"
        uniqueids=yes

conn dmgateway-to-grupofloresgateway
        type=tunnel
        auto=route
        keyexchange=ikev2
        authby=secret
        left=IP_GOES_HERE
        leftsubnet=IP_GOES_HERE/24
        right=IP_GOES_HERE
        rightsubnet=IP_GOES_HERE/24
        ike=aes128-sha256-modp2048!
        esp=aes128-sha256
        aggressive=no
        keyingtries=%forever
        ikelifetime=86400s
        lifetime=3600s
        dpddelay=30s
        dpdtimeout=86400s
        dpdaction=clear
        inactivity=86400s
        forceencaps=yes
29
0 + 0
vpn
cn flag
ecdsa
Note that `auto=route` (re-)creates the tunnel automatically, however, only if there is outbound traffic that matches `left|rightsubnet`, so you might have to generate such traffic in regular intervals if it does not occur naturally. Investigating why the tunnel goes down might be worthwhile (i.e. read the logs).
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.