So lowering the keylife / ikelifetime didn't solve the problem. I've enabled debugging and I'll see what it says.
Unfortunately we can't (easily) upgrade CentOS, do you believe that would make a huge difference though? Are the newer versions of OpenSwan *that *much more reliable?
On 10 February 2016 at 04:58, Eero Volotinen eero.volotinen@iki.fi wrote:
Centos 5 is also a bit old os. Is it possible to use newer version? (like centos 7 or centos 6?)
Eero
2016-02-09 19:52 GMT+02:00 Gordon Messmer gordon.messmer@gmail.com:
On 02/09/2016 07:04 AM, John Cenile wrote:
does anyone have any suggestions on what the problem might be?
Not off the top of my head, but if I were you, I'd enable debugging of "control" and "dpd". See man ipsec.conf (/plutodebug) and man
ipsec_pluto.
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos