So lowering the keylife / ikelifetime didn't solve the problem. I've
enabled debugging and I'll see what it says.
Unfortunately we can't (easily) upgrade CentOS, do you believe that would
make a huge difference though? Are the newer versions of OpenSwan *that *much
more reliable?
On 10 February 2016 at 04:58, Eero Volotinen <eero.volotinen@xxxxxx> wrote:
> Centos 5 is also a bit old os. Is it possible to use newer version? (like
> centos 7 or centos 6?)
>
> Eero
>
> 2016-02-09 19:52 GMT+02:00 Gordon Messmer <gordon.messmer@xxxxxxxxx>:
>
> > On 02/09/2016 07:04 AM, John Cenile wrote:
> >
> >> does anyone have any suggestions on what the problem might be?
> >>
> >
> > Not off the top of my head, but if I were you, I'd enable debugging of
> > "control" and "dpd". See man ipsec.conf (/plutodebug) and man
> ipsec_pluto.
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS@xxxxxxxxxx
> > https://lists.centos.org/mailman/listinfo/centos
> >
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
