[Openswan Users] Problem with vpn network

Nicole.Haehnel nicole.haehnel at gmx.net
Fri Jan 21 10:02:31 CET 2005


Hi,

I have a problem with our vpn network.

We have 4 vpnservers with static ips (VPN1 - VPN4) and about 6 vpnservers
(PC1 - PC6) with dynamic ips connected over dsl.
The number of our servers grows...
On all locations we have novell edirectory running,
that means every server has to contact all other servers on all other 
locations.

The problem is the dynamic ips, which I don't know to connect them.
For this reason I made the tunnels e.g. from PC1 over VPN1 to PC2 - PC6.
So we have on VPN1 about 64 tunnels, on VPN2 - VPN4 10 tunnels and on 
PC1 - PC6 also 10 tunnels.

Now I have the problem that connections were completely lost or
"ipsec look" says the tunnel is still there but I can't send any
packet, no ping or something else is going through the tunnel.
And it's mostly on VPN1.
Maybe too many tunnels on VPN1?

We have also one server behind a dsl router with vpn passthrough 
function. There are two tunnels to VPN1 with different networks.
The tunnels are working, but after a few hours I can't ping, although the
tunnels are up.
Is it because of the dsl router?

How can I build our vpn network better or with fewer tunnels?
Maybe only one tunnel from PC1 - PC6 to VPN1 - VPN4 and then with 
routing entries to the other locations.
Do I need ipsec eroute to do that?

Do you need more information about the networks or the ipsec.conf?

Thanks!

Nicole

