Results 1 to 1 of 1
Hai, I am using Safenet SoftRemote LT agent as Remote VPN client. I have configured the SA life of Authentication protocols ( Encryption and Data Integrity Algorithm) to 300 seconds. ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 07-20-2009 #1
- Join Date
- Jul 2009
SoftRemote client doesnot accept new IP address from server after re-key
I am using Safenet SoftRemote LT agent as Remote VPN client. I have configured the SA life of Authentication protocols ( Encryption and Data Integrity Algorithm) to 300 seconds. The SA life of Key Exchange protocol is also configured as 300 seconds.
The connection gets established properly and a VPN client (vpnc) interface (Eg., 192.168.1.103 ) is created in the client, and data transfer also happens successfully between server and client.
Now every 300 seconds,the server sends a new IP address (Eg., 192.168.1.100 ) to the RaVPN client. At this instance, the SoftRemote client asks for the username and password again. Now data transfer stops. Once the username and password is given again, data transfer resumes.
But the RaVPN client doesnot accept the new IP address that is given by the server and the vpnc interface that is created also is not updated with the new IP address .Instead it continues to work with the first IP address that was given to the client.
The logs observed in client side are as follows :
::: Received Private IP address = <192.168.1.100 >
::: SENDING >>>> ISAKMP OAK TRANS *(HASH,ATTR)
::: Initiating IKE Phase2 with Client (Message id : )
::: Initiator = IP ADDR = < 192.168.1.103 > prot = 0, port = 0
::: Responder = IP SUBNET/MASK = 192.168.2.0 / 255.255.255.0 , prot - 0 , port = 0
::: SENDING >>>> ISAKMP OAK QM *(HASH, SA, NON, KE, ID, 2X)
::: RECEIVED <<< ISAKMP OAK QM *(HASH, SA, NON, KE, ID, 2X)
::: Route 192.168.2.0 / 255.255.255.0 ----> 192.168.5.103 added.
Please let me know if SoftRemote client supports re-keying in the above fashion only, or doesit have to accept the new address that is send by the server ?
If the new address is accepted, how is data transfer ( ftp transfer of a large file )supposed to take place?