<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></head><body>Hi mitsuo ..<div><br></div><div>I don't know if this is significant but how is it possible to have just one IP addresses for your left subnet since it is a network and single IP at the same time as the cidr notation is a/32.. Can you not use a /30 or later? Imposing wondering if this attributes to your random disconnects because the remote end may be confused some how.. <br><br><span style="font-size:87%">Sent from Samsung Mobile</span> </div></body></html><br><br>
-------- Original message --------
Subject: Re: [Openswan Users] connection dropping.
From: Mitsuo Yazawa <mitsuoyazawa@gmail.com>
To: users@lists.openswan.org
CC:
<br><br><body><div dir="ltr">
<div style="FONT-FAMILY: 'Calibri'; COLOR: #008000; FONT-SIZE: 14pt">
<div><font size="4">Hi,</font></div>
<div><font size="4"></font> </div>
<div><font size="4">Thank you for helping me.</font></div>
<div><font size="4"></font> </div>
<div><font size="4">I added those lines, disconnects are still happening
</font></div>
<div><font size="4"></font> </div>
<div><font size="4">any more advice?</font></div>
<div><font size="4"></font> </div>
<div><font size="4">Mitsuo</font></div>
<div style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; COLOR: #000000; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">
<div style="FONT: 10pt tahoma">
<div> </div>
<div style="BACKGROUND: #f5f5f5">
<div style="font-color: black"><b>From:</b> <a title="elison.niven@elitecore.com" href="mailto:elison.niven@elitecore.com">Elison Niven</a> </div>
<div><b>Sent:</b> Thursday, September 06, 2012 10:13 PM</div>
<div><b>To:</b> <a title="mitsuoyazawa@gmail.com" href="mailto:mitsuoyazawa@gmail.com">mitsuoyazawa@gmail.com</a> </div>
<div><b>Cc:</b> <a title="users@lists.openswan.org" href="mailto:users@lists.openswan.org">users@lists.openswan.org</a> </div>
<div><b>Subject:</b> Re: [Openswan Users] connection dropping.</div></div></div>
<div> </div></div>
<div style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; COLOR: #000000; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">Hello,<br><br>Why
are you not using dpd ? Add this to your conf
:<br><br>dpdaction=restart_by_peer<br>dpddelay=30<br>dpdtimeout=120<br><br>
<div class="moz-cite-prefix">On Thursday 06 September 2012 08:33 PM, Mitsuo Yazawa
wrote:<br></div>
<blockquote cite="mid:C449644EA44D454DB0D359875D479178@SakuraPC" type="cite">
<div dir="ltr">
<div style="FONT-FAMILY: 'Calibri'; COLOR: #008000; FONT-SIZE: 14pt">
<div><font size="3">Hi,</font></div>
<div> </div>
<blockquote style="MARGIN-RIGHT: 0px" dir="ltr">
<div><font size="3">I have this connection which connects perfectly and all.
but it keeps disconecting in random times. I need a way to make it stop
disconnecting</font></div>
<div><font size="3">this is my setup:</font></div>
<div> </div>
<div><font size="3">conn tunnelipsec</font></div>
<div><font size="3">
#CLIENT</font></div>
<div><font size="3">
left=<MyIP></font></div>
<div><font size="3">
leftsubnet=10.90.48.10/32</font></div>
<div><font size="3">
#REMOTEHOST</font></div>
<div><font size="3">
right=<targetIP></font></div>
<div><font size="3">
rightsubnet=10.90.0.0/16</font></div>
<div><font size="3">
authby=secret</font></div>
<div><font size="3">
auto=start</font></div>
<div><font size="3">
compress=no</font></div>
<div><font size="3">
type=tunnel</font></div>
<div><font size="3">
pfs=yes</font></div>
<div><font size="3">
forceencaps=yes</font></div>
<div><font size="3">
#PHASE1</font></div>
<div><font size="3">
keylife=28800s</font></div>
<div><font size="3">
#PHASE2</font></div>
<div><font size="3">
phase2=esp</font></div>
<div><font size="3">
phase2alg=3des-sha1,aes128-sha1;modp1536</font></div>
<div><font size="3">
ikelifetime=1800s</font></div>
<div><font size="3">
rekey=yes</font></div>
<div><font size="3">
rekeymargin=15m</font></div></blockquote>
<div> </div>
<div><font size="3">I also added</font></div>
<blockquote style="MARGIN-RIGHT: 0px" dir="ltr">
<div><font size="3">
force_keepalive=yes</font></div>
<div><font size="3"> keep_alive=10
</font></div>
<div> </div>
<div><font size="3">to see if that helped keeping it alive (with no different
result)</font></div>
<div><font size="3">For now I made my own script to detect disconnection, and
restart ipsec service. which has been working but not what I
want.</font></div></blockquote>
<div> </div>
<div><font size="4">any help i would appreciate.</font></div>
<div> </div>
<div><font size="4">Mitsuo</font></div></div></div><br>
<fieldset class="mimeAttachmentHeader"></fieldset> <br><pre wrap="">_______________________________________________
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.openswan.org">Users@lists.openswan.org</a>
<a class="moz-txt-link-freetext" href="https://lists.openswan.org/mailman/listinfo/users">https://lists.openswan.org/mailman/listinfo/users</a>
Micropayments: <a class="moz-txt-link-freetext" href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a>
Building and Integrating Virtual Private Networks with Openswan:
<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre></blockquote><br><pre class="moz-signature" cols="72">--
Best Regards,
Elison Niven</pre></div></div></div> </body>