[Openswan Users] Tunnel won't shut down properly
Paul Wouters
paul at xelerance.com
Mon Jan 24 12:21:49 CET 2005
On Mon, 24 Jan 2005 tomk at runbox.com wrote:
>> Please tell IPcop to upgrade to openswan-2. You are likely not processing all
>> NOTIFICATIONS, so the IPcop machine keeps the tunnel up and will only accept
>> plaintext packets from your IP until after rekeying has failed. Also check
>> that uniqueids=yes, which should solve this problem. And another way to solve
>> this is to enable Dead Peer Detection, using dpdaction=clear.
>>
>> Paul
>> --
> Thanks Paul - that worked perfectly.
For the record, which of the suggestion I made worked?
Paul
--
"At best it is a theory, at worst a fantasy" -- Michael Crichton
More information about the Users
mailing list