[Openswan Users]
Paul Wouters
paul at xelerance.com
Thu Dec 9 17:26:34 CET 2004
On Thu, 9 Dec 2004, Duncan Reed wrote:
> Windows IPSec/L2TP clients connect fine, they do some work, they lose
> there connection while NOT being idle at a (seemly) random period of
> time (Happened from anywhere between 5 mins to 1hr+).
>
> Eventually (I guess) the dead peer connection picks it up and you see it
> go into %hold. At some point I think after dpdtimeout is reach its
> cleared.
>
> Until it clears the client with that ip address cannot log back into the
> VPN.
For roadwarrior connections you should always use dpdaction=clear. After
all, the roadwarrior can come back from another IP as well.
Only use dpdaction=hold on static tunnels.
As for the original prolbem, this might be a bug in the windows rekeying
method. e're looking into some reports and a proper fix.
Paul
More information about the Users
mailing list