[vpn-help] Client to Site VPN on linux

Federico Basso federico.basso at CODIC.com.uy
Wed Mar 1 13:29:57 CST 2017


Hi list!

It is my first post, and I have a question.

I'm using the ShrewSoft Client to Site VPN on Linux. It connects to a "Watchguard" firewall. In the configuration, I'm using just 1 IP address for the pool of virtual addresses that the firewall assigns to the VPN client.
The problem is that after a reboot of the machine, it tries to connect again and it fails, and on the firewall we see an error that says:

"2017-01-11 16:55:12 CreditoDeLaCasa-XTM-515-1 iked ras_request_ip_from_addr_pool(): user vpn-soca-3 requests for an IP from address pool VPN-Soca-3_mp, but none is available"

So, the firewall does not release the virtual IP address because it never receives the logout message.

Also, I performed some tests: with the VPN client connected, if we disconnect the network cable, the firewall does receive the logout message and the IP is free for another connection from that user. The same occurs if we kill the shrewsoft process. So the problem only occurs when the machine is restarted.

Does anyone have any clue about what may be happening and how to solve it?

Thanks a lot! Regards.

Federico Basso
CISSP - Consultor Seguridad IT
CODIC Seguridad IT
Argentina I España I Uruguay
t:  +5411 52632230 I +3493 7243500 I +598 27066055
www.codic.com.uy
