mirror of
https://github.com/hwdsl2/docker-ipsec-vpn-server.git
synced 2026-04-26 01:55:53 +03:00
[GH-ISSUE #363] ios无法连接ikev2,一直处于正在连接...2分钟左右后自己断开 #338
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @mycoffee05 on GitHub (Mar 31, 2023).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/363
任务列表
问题描述
使用清楚简明的语言描述这个 bug。
已按流程配置docker-ipsec-vpn-server,
使用iphone(ios16.3.1)安装vpnclient.mobileconfig后,首次连接ikev2成功,但断开后就再也无法连接,一直处于正在连接...2分钟左右后自己断开。
已尝试过删除镜像重新安装,甚至将服务器重置后重新安装,仍都无法连接。
服务器是racknerd的,ip地址正常,v2ray使用正常。
期待的正确结果
希望能告知解决办法
日志
启用日志,检查 VPN 状态,并且添加错误日志以帮助解释该问题(如果适用)。
2023-03-31T03:46:12.719332+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
2023-03-31T03:46:12.724377+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
2023-03-31T03:46:13.031629+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
2023-03-31T03:46:13.043790+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: reloaded private key matching left certificate '23.94.59.216'
2023-03-31T03:46:13.044589+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: responder established IKE SA; authenticated peer '3072-bit PKCS#1 1.5 RSA with SHA1' signature using peer certificate 'CN=vpnclient, O=IKEv2 VPN' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'
2023-03-31T03:46:13.066023+00:00 d5b04a77cc0c pluto[1025]: | pool 192.168.43.10-192.168.43.250: growing address pool from 0 to 1
2023-03-31T03:46:13.066092+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #2: proposal 1:ESP=AES_GCM_C_128-DISABLED SPI=09e276e9 chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED[first-match]
2023-03-31T03:46:13.095215+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #2: responder established Child SA using #1; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.43.10-192.168.43.10:0-65535 0] {ESPinUDP=>0x09e276e9 <0x1c915d42 xfrm=AES_GCM_16_128-NONE NATD=106.121.9.95:35904 DPD=active}
2023-03-31T03:46:14.084050+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:46:16.062925+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:46:20.116236+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:46:28.461107+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:46:43.571600+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
2023-03-31T03:46:44.079247+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
2023-03-31T03:46:44.355033+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #3: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
2023-03-31T03:46:44.358139+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #3: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
2023-03-31T03:46:44.702959+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #3: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
2023-03-31T03:46:44.705665+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #3: switched to "ikev2-cp"[2] 106.121.9.95
2023-03-31T03:46:44.706290+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: responder established IKE SA; authenticated peer '3072-bit PKCS#1 1.5 RSA with SHA1' signature using peer certificate '@vpnclient' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'
2023-03-31T03:46:44.715415+00:00 d5b04a77cc0c pluto[1025]: | pool 192.168.43.10-192.168.43.250: growing address pool from 1 to 2
2023-03-31T03:46:44.715636+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #4: proposal 1:ESP=AES_GCM_C_128-DISABLED SPI=05387127 chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED[first-match]
2023-03-31T03:46:44.746937+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #4: responder established Child SA using #3; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.43.11-192.168.43.11:0-65535 0] {ESPinUDP=>0x05387127 <0xa1f3ccfa xfrm=AES_GCM_16_128-NONE NATD=106.121.9.95:35904 DPD=active}
2023-03-31T03:46:45.085029+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 2 seconds for response
2023-03-31T03:46:45.688299+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:46:47.091537+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 4 seconds for response
2023-03-31T03:46:47.688820+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:46:51.098199+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 8 seconds for response
2023-03-31T03:46:51.720843+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:46:59.107102+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 16 seconds for response
2023-03-31T03:46:59.900381+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:47:04.188436+00:00 d5b04a77cc0c pluto[1025]: packet from 184.105.247.244:17702: initial Main Mode message received but no connection has been authorized with authby=none and xauth=no
2023-03-31T03:47:15.107750+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 32 seconds for response
2023-03-31T03:47:15.223689+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
2023-03-31T03:47:15.731258+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
2023-03-31T03:47:16.735118+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 2 seconds for response
2023-03-31T03:47:18.739114+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 4 seconds for response
2023-03-31T03:47:22.743840+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 8 seconds for response
2023-03-31T03:47:30.752704+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 16 seconds for response
2023-03-31T03:47:46.755207+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 32 seconds for response
2023-03-31T03:47:47.111207+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 64 seconds for response
2023-03-31T03:48:18.761102+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 64 seconds for response
2023-03-31T03:48:24.024157+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
2023-03-31T03:48:24.030075+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
2023-03-31T03:48:24.433785+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
2023-03-31T03:48:24.436732+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: responder established IKE SA; authenticated peer '3072-bit PKCS#1 1.5 RSA with SHA1' signature using peer certificate '@vpnclient' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'
2023-03-31T03:48:24.445795+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #6: proposal 1:ESP=AES_GCM_C_128-DISABLED SPI=0f4a57c1 chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED[first-match]
2023-03-31T03:48:24.446815+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #6: responder established Child SA using #5; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.43.11-192.168.43.11:0-65535 0] {ESPinUDP=>0x0f4a57c1 <0x2c6d02fe xfrm=AES_GCM_16_128-NONE NATD=106.121.9.95:35904 DPD=active}
2023-03-31T03:48:25.398263+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:48:27.377946+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:48:31.418963+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:48:39.649269+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:48:51.118758+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 128 seconds for response
2023-03-31T03:48:54.951290+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
2023-03-31T03:48:55.454776+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
2023-03-31T03:48:55.675628+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
2023-03-31T03:48:55.679118+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
2023-03-31T03:48:55.985889+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
2023-03-31T03:48:55.988295+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: responder established IKE SA; authenticated peer '3072-bit PKCS#1 1.5 RSA with SHA1' signature using peer certificate '@vpnclient' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'
2023-03-31T03:48:55.996600+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #8: proposal 1:ESP=AES_GCM_C_128-DISABLED SPI=05a51cb2 chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED[first-match]
2023-03-31T03:48:55.997395+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #8: responder established Child SA using #7; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.43.11-192.168.43.11:0-65535 0] {ESPinUDP=>0x05a51cb2 <0x71ddd4bc xfrm=AES_GCM_16_128-NONE NATD=106.121.9.95:35904 DPD=active}
2023-03-31T03:48:56.459366+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 2 seconds for response
2023-03-31T03:48:56.995371+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:48:58.462717+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 4 seconds for response
2023-03-31T03:48:59.027958+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:49:02.465421+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 8 seconds for response
2023-03-31T03:49:03.017987+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:49:10.474181+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 16 seconds for response
2023-03-31T03:49:11.186958+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: IKE_AUTH request fragment 1 of 4 has duplicate Message ID 1; retransmitting response
2023-03-31T03:49:22.762835+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 128 seconds for response
2023-03-31T03:49:26.473407+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 32 seconds for response
2023-03-31T03:49:26.503380+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
2023-03-31T03:49:27.006736+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
2023-03-31T03:49:28.011761+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 2 seconds for response
2023-03-31T03:49:30.014497+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 4 seconds for response
2023-03-31T03:49:34.019120+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 8 seconds for response
2023-03-31T03:49:42.023009+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 16 seconds for response
2023-03-31T03:49:58.027224+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 32 seconds for response
2023-03-31T03:49:58.477311+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 64 seconds for response
2023-03-31T03:50:30.031519+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 64 seconds for response
2023-03-31T03:50:59.123222+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 256 seconds for response
2023-03-31T03:51:02.483345+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 128 seconds for response
2023-03-31T03:51:30.768097+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 256 seconds for response
2023-03-31T03:51:34.032786+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 128 seconds for response
2023-03-31T03:53:10.494198+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 256 seconds for response
2023-03-31T03:53:42.035210+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 256 seconds for response
2023-03-31T03:55:15.127208+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: STATE_V2_ESTABLISHED_IKE_SA: 300 second timeout exceeded after 10 retransmits. No response (or no acceptable response) to our IKEv2 message
2023-03-31T03:55:15.127293+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: liveness action - clearing connection kind CK_INSTANCE
2023-03-31T03:55:15.127671+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #2: ESP traffic information: in=0B out=0B
2023-03-31T03:55:15.154931+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95 #1: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 542.435622s and NOT sending notification
2023-03-31T03:55:15.155013+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[1] 106.121.9.95: deleting connection instance with peer 106.121.9.95 {isakmp=#0/ipsec=#0}
2023-03-31T03:55:46.772818+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: STATE_V2_ESTABLISHED_IKE_SA: 300 second timeout exceeded after 10 retransmits. No response (or no acceptable response) to our IKEv2 message
2023-03-31T03:55:46.773153+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: liveness action - clearing connection kind CK_INSTANCE
2023-03-31T03:55:46.773422+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #4: ESP traffic information: in=0B out=0B
2023-03-31T03:55:46.773749+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #3: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 542.418886s and NOT sending notification
2023-03-31T03:57:26.497943+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: STATE_V2_ESTABLISHED_IKE_SA: 300 second timeout exceeded after 10 retransmits. No response (or no acceptable response) to our IKEv2 message
2023-03-31T03:57:26.497984+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: liveness action - clearing connection kind CK_INSTANCE
2023-03-31T03:57:26.498176+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #6: ESP traffic information: in=0B out=0B
2023-03-31T03:57:26.499044+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #5: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 542.475015s and NOT sending notification
2023-03-31T03:57:58.038958+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: STATE_V2_ESTABLISHED_IKE_SA: 300 second timeout exceeded after 10 retransmits. No response (or no acceptable response) to our IKEv2 message
2023-03-31T03:57:58.039256+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: liveness action - clearing connection kind CK_INSTANCE
2023-03-31T03:57:58.039451+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #8: ESP traffic information: in=0B out=0B
2023-03-31T03:57:58.060609+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95 #7: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 542.385041s and NOT sending notification
2023-03-31T03:57:58.060711+00:00 d5b04a77cc0c pluto[1025]: "ikev2-cp"[2] 106.121.9.95: deleting connection instance with peer 106.121.9.95 {isakmp=#0/ipsec=#0}
服务器信息(请填写以下信息)
客户端信息(请填写以下信息)
其它信息
添加关于该 bug 的其它信息。
@hwdsl2 commented on GitHub (Apr 2, 2023):
@mycoffee05 你好!从你提供的信息来看,很可能是连接被屏蔽或干扰了。IPsec VPN 较容易被干扰,建议另外尝试其他解决方案比如 Shadowsocks。
@mycoffee05 commented on GitHub (Apr 3, 2023):
请问有没有抗干扰的办法...墙内ios设备用ikev2方便一些,用其他软件都很麻烦...