IPsec doesn´t work after upgrade to RUT2M_R_00.07.06.6

Hello,

I have installed a RUT241 with FW version RUT2M_R_00.07.06.6.
Afterwards, the IPsec VPN tunnel can no longer be established.
The following errors are in the log:

Tue Mar  5 20:09:22 2024 authpriv.info ipsec_starter[10900]: charon too long to start... - kill kill
Tue Mar  5 20:09:22 2024 authpriv.info ipsec_starter[10900]: charon has died -- restart scheduled (5sec)
Tue Mar  5 20:09:27 2024 daemon.info ipsec: 00[DMN] Starting IKE charon daemon (strongSwan 5.9.2, Linux 5.4.259, mips)
Tue Mar  5 20:09:27 2024 daemon.info ipsec: 00[KNL] unable to create IPv4 routing table rule
Tue Mar  5 20:09:27 2024 daemon.info ipsec: 00[KNL] unable to create IPv6 routing table rule
Tue Mar  5 20:09:27 2024 daemon.info ipsec: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Tue Mar  5 20:09:27 2024 daemon.info ipsec: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Tue Mar  5 20:09:27 2024 daemon.info ipsec: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Tue Mar  5 20:09:27 2024 daemon.info ipsec: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Tue Mar  5 20:09:27 2024 daemon.info ipsec: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Tue Mar  5 20:09:27 2024 daemon.info ipsec: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Tue Mar  5 20:09:27 2024 daemon.info ipsec: 00[CFG] loading secrets from '/var/ipsec/ipsec.secrets'

These messages are constantly repeating.
Is the issue known?
It works with the FW version RUT2M_R_00.07.06.3.

Thanks and regards,
Patrick

Hello,

Apologies for the delayed response.

Are these all the IPSec logs? It seems like it fails to create a table rule, so there’s a chance that something is corrupted. Have you made any changes after you have updated the device?

What firmware version was installed previously?

Have you tried restoring the device to factory defaults and reconfiguring IPSec to see if the issue persists?

Kind Regards,

This topic was automatically closed after 15 days. New replies are no longer allowed.