[ previous ] [ next ] [ threads ]
 
 From:  "Jonas Watt Boolsen" <jwb at coreconcept dot dk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Ipsec tunnel up, but no data flowing
 Date:  Mon, 10 Sep 2007 13:39:06 +0100 
> Hi,
> 
> I have a couple of monowalls connected to Astaro by Ipsec tunnels. 
>  - Aprox. once a month I lose the data connection between the
> monowalls - and the only way to fix this is to reboot the monowall.
> 
> Sometimes I can see that there exists multiple SAD's in the Ipsec
> diagnostic page. Sometimes there are only 2.
> 
> The monowalls have dynamic IP's and the Astaro has static IP.
> 
> The log shows this ;
> 
> Sep  9 12:22:57 router racoon: INFO: purging ISAKMP-SA
> spi=ebc82859464f8890:aeb2298be960a44c.
> Sep  9 12:22:57 router racoon: INFO: keeping IPsec-SA spi=2460262313 -
> found valid ISAKMP-SA spi=10a7f50fa7b73683:62523f73be1a6fc9.
> Sep  9 12:22:57 router racoon: INFO: Unknown IPsec-SA spi=2460262039,
> hmmmm?
> Sep  9 12:22:57 router racoon: INFO: purged IPsec-SA spi=2460262039.
> Sep  9 12:22:57 router racoon: INFO: keeping IPsec-SA spi=243495778 -
> found valid ISAKMP-SA spi=10a7f50fa7b73683:62523f73be1a6fc9.
> Sep  9 12:22:57 router racoon: INFO: Unknown IPsec-SA spi=254153031,
> hmmmm?
> Sep  9 12:22:57 router racoon: INFO: purged IPsec-SA spi=254153031.
> Sep  9 12:22:57 router racoon: INFO: purged ISAKMP-SA
> spi=ebc82859464f8890:aeb2298be960a44c.
> 
> 
> Does anyone has a idea what this Unknown Ipsec-SA means ?
> 
> Best Regards,
> 
> Jonas