[Openswan dev] Re: [Ticket#: 2004081310000202]
Paul Wouters
paul at xtdnet.nl
Mon Aug 23 21:50:04 CEST 2004
On Mon, 23 Aug 2004, DrayTek Support wrote:
> Dear Paul Wouters,
>
> Here is the beta firmware to add multi-tunnels function for Vigor2600G on the attachment.
> Please upgrade it and kindly share the result with us.
> Note, this beta firmware has been authenticated this function only.
Your beta-firmware image is working flawlessly!
We now have two tunnels up from the Vigor to an Openswan server and traffic is flowing
over both tunnels!
Will you be also updating the vigor 2500's with this bugfix? Since most of our
Vigor models are actually the 2500 (annex A and B) and the 2500Ge models.
The other problem I reported about the failing rekeying was also found. it seems that
the webinterface doesn't always update all the changes you make when there is a popup
involved. So we ended up having some weird tunnel that started from the Openswan end
using ESP and at rekey time the Vigor wanted to negotiate AH only. Openswan incorrectly
marked the ESP tunnel as "up" while it was endlessly failing to rekey over the ISAKMP
channel.
Thanks to Draytek for the great support on this issue!
Paul
More information about the Dev
mailing list