[Openswan Users] IPSec, Windows XP/2000 and Dead Peer Detection

Andrej Trobentar andrej.trobentar at rikom.si
Wed Oct 12 18:53:17 CEST 2005


Jacco wrote :
>
> I have very little to add at this stage. I suggested that you look in
> the log files of both the Windows clients and Openswan / l2tpd.
>
> Jacco

OK, I will look into it, but openswan should be resistant to this
scenario. What if you are on an ADSL line and pull out the UTP cable? To
wait cca. 60 minutes to connect again isn't a solution, even if the peer
doesn't support DPD...

But it's strange that openswan *clears* the tunnel and route (if the
Windows peer is dead) after around 60 minutes, so I guess there must be a
timer or something that checks this. PPPd and l2tpd drop the sessions
immediately, only openswan doesn't clear the route and tunnel.

To my other problem :
Do you have any ideas why my static tunnels don't work when I compiled and
used openswan 2.4.2dr2? I haven't changed the configs or any other things.
As soon as I put openswan 2.3.1 back the tunnels started working again.
Are there any known issues about this - openswan 2.4.2dr2 and openswan
2.3.1 not working together? I would like to upgrade to openswan 2.4.2dr2
to test my roadwarrior problems, but if the static tunnels don't work I
can't put this into production :(

Any ideas?

-- 
Greetings from Slovenia,

       Andrej.

