Failed to establish CHILD_SA

Hey there community,

I set up an IPsec-server for VPN-tunnel and everything works great. In fact, I’m abroad at the moment and so far, had no issues at all. :hugs: My client is a Linux-laptop with the strongSwan-plugin for the network-manager.

The only thing that bothers me, is that every 10 seconds or so, for about 15 minutes after the connection has been established IPFire tries to “change” something, which I honestly do not understand at all. :crazy_face: After the 15 minutes, it’s just “keepAlives”, which is fine.

Bildschirmfoto vom 2023-04-12 14-35-39

I did a bit of research and as far as I understand this means that there is an attempt to change the crypto-proposal but thats above my head for now. The tunnel works perfectly anyway but I want to understand whats going on there and what I need to change on my client to make this message go away. :slight_smile:

Thanks in advance and greetings