[Openswan Users] Tunnel won't shut down properly

Paul Wouters paul at xelerance.com
Mon Jan 24 12:21:49 CET 2005

On Mon, 24 Jan 2005 tomk at runbox.com wrote:

>> Please tell IPcop to upgrade to openswan-2. You are likely not processing all
>> NOTIFICATIONS, so the IPcop machine keeps the tunnel up and will only accept
>> plaintext packets from your IP until after rekeying has failed. Also check
>> that uniqueids=yes, which should solve this problem. And another way to solve
>> this is to enable Dead Peer Detection, using dpdaction=clear.
>> Paul
>> --
> Thanks Paul - that worked perfectly.

For the record, which of the suggestion I made worked?


"At best it is a theory, at worst a fantasy" -- Michael Crichton

More information about the Users mailing list