[Openswan Users] Re: IPsec hangs when server closes the connection

[androef]

> And are you using "listen-addr 127.0.0.1"
If I omit this, it works.

Stop! I said I use it. I tried. (I promise.) But it doesn't work.

I suspect the problem with the hanging IPsec depends on L2TPD.
If it hangs, I can try the following:

/etc/init.d/l2tpd stop
/etc/init.d/l2tpd start
route add default ppp0

Then the connection is up and running again. An now I can shut it down normally.
Sometimes it works, but sometimes not. I have no ideas - even how to get log data from l2tpd.
It produces nothing in /var/log/messages.

Additionally the system can't shutdown completely, if I can't fix the error.
The last message is "cardmanager is exiting" or something like that.

> so that the l2tpd daemon cannot be reached from the outside?
> 
> > But there ist still a littler problem: After a certain time oc 
> > inactivity the server closes the connection on his own. That's O.K. It 
> > also happens with Windows.
> 
> Check out the lcp-echo-interval for /etc/ppp/options.l2tpd (man pppd).
> It should send out traffic once in a while so that the connection does
> not disconnect.
> 
> > The difference is only: IPsec crashes an hangs.
> > I can't shut down the connection (with parameter --down) nor shut down 
> > IPsec (ipsec stop).
> 
> You will have to be more precise. You might have to use the dumpdir
> parameter in ipsec.conf. But I am a bit puzzled: an ipsec stop should
> always clean up after itself (AFAIK).
> 
> Jacco
> -- 
> Jacco de Leeuw                         mailto:jacco2 at dds.nl
> Zaandam, The Netherlands           <a href=http://www.jacco2.dds.nl>http://www.jacco2.dds.nl</a>_______________________________________________
> Users mailing list
> Users at openswan.org
> <a href=http://lists.openswan.org/mailman/listinfo/users>http://lists.openswan.org/mailman/listinfo/users</a>

Protek-on: CaraMail met en oeuvre un nouveau Concept de Sécurité Globale - www.caramail.com