starred/docker-ipsec-vpn-server
1
0
Fork 0
mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 18:15:50 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #192] cannot reconnect after session dropped #179

New issue
Closed
opened 2026-03-02 07:44:30 +03:00 by kerem · 4 comments
kerem commented 2026-03-02 07:44:30 +03:00
Owner
Copy link

Originally created by @ilya-demidovich on GitHub (May 14, 2020).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/192

Hello

I had a connection from my home gateway to remote VPS with your docker-ipsec-vpn-server container.
My home ISP drops pppoe session once per day and WAN IP have changing.
Sometimes after my router cannot reconnect VPN with following error messages (looped):

l2tp-out1: initializing...
l2tp-out1: connecting...
initiate new phase 1 (Identity Protection): 92.100.195.35[500]<=>138.197.xxx.xxx[500]
l2tp-out1: terminating... - session closed
l2tp-out1: disconnected
ISAKMP-SA deleted 92.100.195.35[4500]-138.197.xxx.xxx[4500] spi:266c5f2c1b118ee7:aaf45e438da85e22 rekey:1

VPS docker container IPSec logs looks like (looped):

May 14 08:59:52 usa pluto[1731]: "l2tp-psk"[1] 92.100.195.35 #1: responding to Main Mode from unknown peer 92.100.195.35:500
May 14 08:59:52 usa pluto[1731]: "l2tp-psk"[1] 92.100.195.35 #1: STATE_MAIN_R1: sent MR1, expecting MI2
May 14 08:59:53 usa pluto[1731]: "l2tp-psk"[1] 92.100.195.35 #1: STATE_MAIN_R2: sent MR2, expecting MI3
May 14 08:59:53 usa pluto[1731]: "l2tp-psk"[1] 92.100.195.35 #1: Peer ID is ID_IPV4_ADDR: '92.100.195.35'
May 14 08:59:53 usa pluto[1731]: "l2tp-psk"[1] 172.21.0.1 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048}
May 14 09:00:03 usa pluto[1731]: "l2tp-psk"[1] 172.21.0.1 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3
May 14 09:00:13 usa pluto[1731]: "l2tp-psk"[1] 172.21.0.1 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3

Could you please help to resolve an issue?

Originally created by @ilya-demidovich on GitHub (May 14, 2020). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/192 Hello I had a connection from my home gateway to remote VPS with your docker-ipsec-vpn-server container. My home ISP drops pppoe session once per day and WAN IP have changing. Sometimes after my router cannot reconnect VPN with following error messages (looped): ``` l2tp-out1: initializing... l2tp-out1: connecting... initiate new phase 1 (Identity Protection): 92.100.195.35[500]<=>138.197.xxx.xxx[500] l2tp-out1: terminating... - session closed l2tp-out1: disconnected ISAKMP-SA deleted 92.100.195.35[4500]-138.197.xxx.xxx[4500] spi:266c5f2c1b118ee7:aaf45e438da85e22 rekey:1 ``` VPS docker container IPSec logs looks like (looped): ``` May 14 08:59:52 usa pluto[1731]: "l2tp-psk"[1] 92.100.195.35 #1: responding to Main Mode from unknown peer 92.100.195.35:500 May 14 08:59:52 usa pluto[1731]: "l2tp-psk"[1] 92.100.195.35 #1: STATE_MAIN_R1: sent MR1, expecting MI2 May 14 08:59:53 usa pluto[1731]: "l2tp-psk"[1] 92.100.195.35 #1: STATE_MAIN_R2: sent MR2, expecting MI3 May 14 08:59:53 usa pluto[1731]: "l2tp-psk"[1] 92.100.195.35 #1: Peer ID is ID_IPV4_ADDR: '92.100.195.35' May 14 08:59:53 usa pluto[1731]: "l2tp-psk"[1] 172.21.0.1 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} May 14 09:00:03 usa pluto[1731]: "l2tp-psk"[1] 172.21.0.1 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3 May 14 09:00:13 usa pluto[1731]: "l2tp-psk"[1] 172.21.0.1 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3 ``` Could you please help to resolve an issue?
kerem closed this issue 2026-03-02 07:44:31 +03:00
kerem commented 2026-03-02 07:44:32 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (May 14, 2020):

@krotish Hello! If your home ISP drops PPPoE session once a day and WAN IP is changing, your router will likely try to re-establish the VPN connection each time. The retransmitting in response to duplicate packet indicates that the network may be unstable between your router and the VPN server. Unfortunately, I am not aware of a solution. Try asking on your router's community, or the Libreswan users mailing list [1].

[1] https://lists.libreswan.org/mailman/listinfo/swan

<!-- gh-comment-id:628695140 --> @hwdsl2 commented on GitHub (May 14, 2020): @krotish Hello! If your home ISP drops PPPoE session once a day and WAN IP is changing, your router will likely try to re-establish the VPN connection each time. The `retransmitting in response to duplicate packet` indicates that the network may be unstable between your router and the VPN server. Unfortunately, I am not aware of a solution. Try asking on your router's community, or the Libreswan users mailing list [1]. [1] https://lists.libreswan.org/mailman/listinfo/swan
kerem commented 2026-03-02 07:44:32 +03:00
Author
Owner
Copy link

@ilya-demidovich commented on GitHub (May 14, 2020):

However VPN connecting successfully if I disconnect in router and then manually connect approx. after 1 minute.
It's only a trouble with automatically reconnections. Maybe Libreswan did't clear something about last session or something related.

<!-- gh-comment-id:628733122 --> @ilya-demidovich commented on GitHub (May 14, 2020): However VPN connecting successfully if I disconnect in router and then manually connect approx. after 1 minute. It's only a trouble with automatically reconnections. Maybe Libreswan did't clear something about last session or something related.
kerem commented 2026-03-02 07:44:32 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (May 14, 2020):

@krotish Did you try updating to the latest version of the Docker image? See:
https://github.com/hwdsl2/docker-ipsec-vpn-server#update-docker-image

<!-- gh-comment-id:628738377 --> @hwdsl2 commented on GitHub (May 14, 2020): @krotish Did you try updating to the latest version of the Docker image? See: https://github.com/hwdsl2/docker-ipsec-vpn-server#update-docker-image
kerem commented 2026-03-02 07:44:32 +03:00
Author
Owner
Copy link

@ilya-demidovich commented on GitHub (May 14, 2020):

@hwdsl2 Lin, I'm using latest.

<!-- gh-comment-id:628755643 --> @ilya-demidovich commented on GitHub (May 14, 2020): @hwdsl2 Lin, I'm using latest.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question
No labels
bug
pull-request
question
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#179
No description provided.