Results 1 to 3 of 3
  1. #1
    Untangler
    Join Date
    Jan 2011
    Posts
    36

    Default VPN Timeout after 10 mins

    Hi,

    Having issues with IPSec VPN timing out after 10 mins. I have this on Android 7.0 and MacBook Pro both using the build in VPN functionality.

    Lots of 'unable to reauthenticate' events' etc.

    Any idea what is going on here / how to resolve the issue ?

    Thanks.

    Code:
    Jul  7 10:25:10 untangle charon: 10[CFG] lease 198.19.0.1 by 'phil' went offline
    Jul  7 10:25:10 untangle charon: 10[NET] sending packet: from 192.168.0.254[4500] to 81.145.231.74[28065] (108 bytes)
    Jul  7 10:25:10 untangle charon: 10[ENC] generating INFORMATIONAL_V1 request 1020595339 [ HASH D ]
    Jul  7 10:25:10 untangle charon: 10[IKE] sending DELETE for IKE_SA VPN-XAUTH-0[26]
    Jul  7 10:25:10 untangle charon: 10[IKE] deleting IKE_SA VPN-XAUTH-0[26] between 192.168.0.254[192.168.0.254]...81.145.231.74[172.16.2.103]
    Jul  7 10:25:10 untangle charon: 10[IKE] deleting IKE_SA VPN-XAUTH-0[26] between 192.168.0.254[192.168.0.254]...81.145.231.74[172.16.2.103]
    Jul  7 10:25:10 untangle charon: 10[NET] sending packet: from 192.168.0.254[4500] to 81.145.231.74[28065] (92 bytes)
    Jul  7 10:25:10 untangle charon: 10[ENC] generating INFORMATIONAL_V1 request 2898521862 [ HASH D ]
    Jul  7 10:24:51 untangle charon: 03[IKE] unable to reauthenticate in CHILD_SA REKEYING state, delaying for 26s
    Jul  7 10:24:49 untangle charon: 04[KNL] creating rekey job for ESP CHILD_SA with SPI c1033e04 and reqid {15}
    Jul  7 10:24:38 untangle charon: 10[IKE] unable to reauthenticate in CHILD_SA REKEYING state, delaying for 13s
    Jul  7 10:24:31 untangle charon: 12[KNL] creating rekey job for ESP CHILD_SA with SPI c8144485 and reqid {15}
    Jul  7 10:24:24 untangle charon: 14[IKE] unable to reauthenticate in CHILD_SA REKEYING state, delaying for 14s
    Jul  7 10:24:20 untangle charon: 05[KNL] creating rekey job for ESP CHILD_SA with SPI 06c52142 and reqid {15}
    Jul  7 10:15:56 untangle charon: 14[IKE] received 3600s lifetime, configured 900s
    Jul  7 10:15:56 untangle charon: 14[IKE] expected IPComp proposal but peer did not send one, IPComp disabled
    Jul  7 10:15:56 untangle charon: 14[ENC] parsed QUICK_MODE request 2351514339 [ HASH SA No ID ID ]
    Jul  7 10:15:56 untangle charon: 06[ENC] generating TRANSACTION response 3300946328 [ HASH CPRP(ADDR DNS) ]
    Jul  7 10:15:56 untangle charon: 06[IKE] assigning virtual IP 198.19.0.1 to peer 'phil'
    Jul  7 10:15:56 untangle charon: 06[CFG] reassigning offline lease to 'phil'
    Jul  7 10:15:56 untangle charon: 06[IKE] peer requested virtual IP %any
    Jul  7 10:15:56 untangle charon: 06[ENC] parsed TRANSACTION request 3300946328 [ HASH CPRQ(ADDR MASK DNS NBNS EXP VER U_BANNER U_DEFDOM U_SPLITDNS U_SPLITINC U_LOCALLAN U_PFS U_SAVEPWD U_FWTYPE U_BKPSRV (28683)) ]
    Jul  7 10:15:56 untangle charon: 06[ENC] unknown attribute type (28683)
    Jul  7 10:15:56 untangle charon: 06[NET] received packet: from 81.145.231.74[28065] to 192.168.0.254[4500] (188 bytes)
    Jul  7 10:15:56 untangle charon: 05[IKE] maximum IKE_SA lifetime 553s
    Jul  7 10:15:56 untangle charon: 05[IKE] scheduling reauthentication in 13s
    Jul  7 10:15:56 untangle charon: 05[IKE] IKE_SA VPN-XAUTH-0[26] established between 192.168.0.254[192.168.0.254]...81.145.231.74[172.16.2.103]
    Jul  7 10:15:56 untangle charon: 05[IKE] IKE_SA VPN-XAUTH-0[26] established between 192.168.0.254[192.168.0.254]...81.145.231.74[172.16.2.103]
    Jul  7 10:15:56 untangle charon: 05[ENC] parsed TRANSACTION response 2713431574 [ HASH CPA(X_STATUS) ]
    Jul  7 10:15:56 untangle charon: 08[ENC] generating TRANSACTION request 2713431574 [ HASH CPS(X_STATUS) ]
    Jul  7 10:15:56 untangle charon: 08[IKE] XAuth authentication of 'phil' successful
    Jul  7 10:15:56 untangle charon: 08[ENC] parsed TRANSACTION response 1401685470 [ HASH CPRP(X_USER X_PWD) ]
    Jul  7 10:15:56 untangle charon: 02[ENC] generating TRANSACTION request 1401685470 [ HASH CPRQ(X_USER X_PWD) ]
    Jul  7 10:15:56 untangle charon: 02[NET] sending packet: from 192.168.0.254[4500] to 81.145.231.74[28065] (92 bytes)
    Jul  7 10:15:56 untangle charon: 02[ENC] generating ID_PROT response 0 [ ID HASH ]
    Jul  7 10:15:56 untangle charon: 02[CFG] selected peer config "VPN-XAUTH-0"
    Jul  7 10:15:56 untangle charon: 02[CFG] looking for XAuthInitPSK peer configs matching 192.168.0.254...81.145.231.74[172.16.2.103]
    Jul  7 10:15:56 untangle charon: 02[ENC] parsed ID_PROT request 0 [ ID HASH ]
    Jul  7 10:15:56 untangle charon: 10[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
    Jul  7 10:15:56 untangle charon: 10[IKE] remote host is behind NAT
    Jul  7 10:15:56 untangle charon: 10[IKE] local host is behind NAT, sending keep alives
    Jul  7 10:15:56 untangle charon: 10[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
    Jul  7 10:15:56 untangle charon: 16[ENC] generating ID_PROT response 0 [ SA V V V ]
    Jul  7 10:15:56 untangle charon: 16[IKE] 81.145.231.74 is initiating a Main Mode IKE_SA
    Jul  7 10:15:56 untangle charon: 16[IKE] 81.145.231.74 is initiating a Main Mode IKE_SA
    Jul  7 10:15:56 untangle charon: 16[IKE] received DPD vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received FRAGMENTATION vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received Cisco Unity vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received XAuth vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received draft-ietf-ipsec-nat-t-ike-04 vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received draft-ietf-ipsec-nat-t-ike-05 vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received draft-ietf-ipsec-nat-t-ike-06 vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received draft-ietf-ipsec-nat-t-ike-08 vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received draft-ietf-ipsec-nat-t-ike vendor ID
    Jul  7 10:15:56 untangle charon: 16[IKE] received NAT-T (RFC 3947) vendor ID
    Jul  7 10:15:56 untangle charon: 16[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V V V V V V V ]
    Jul  7 10:15:56 untangle charon: 16[NET] received packet: from 81.145.231.74[58279] to 192.168.0.254[500] (848 bytes)

  2. #2
    Untanglit
    Join Date
    May 2016
    Posts
    19

    Default

    I thought it was just me lol I've had the same issues when I tried it out. I usually just use openvpn though. But yeah it's not just you. I've had the issue on my pixel XL running Android 7 and 8. My logs look the same. Mainly unable to reauthenticate..

  3. #3
    Newbie
    Join Date
    Jun 2017
    Posts
    2

    Default

    I have this issue too, with all clients I have tried.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2