[Openswan Users] RE: DPD
Shi Lang
shilang at greenpacket.com
Thu Aug 10 06:46:12 EDT 2006
Thanks Paul very much.
Hold is equivalent of "ipsec auto --down Private_test1".
How about:----
Clear is equivalent of "ipsec auto --delete Private_test1" ?
Restart is equivalent of "ipsec auto --delete Private_test1; ipsec auto
--add Private_test1; ipsec auto --up Private_test1; ?
My another doubt is how to see the U_R_THERE message, can I do
" tcpdump -i eth0 not port ssh and port"
Because I can see below every 30seconds by default
" 10:48:51.283438 10.218.101.150.isakmp > 219.93.97.140.isakmp: isakmp:
phase 2/others ? inf[E]: [|hash] (DF)
10:48:51.464522 219.93.97.140.isakmp > 10.218.101.150.isakmp: isakmp: phase
2/others ? inf[E]: [|hash] (DF)
10:49:21.762760 10.218.101.150.isakmp > 219.93.97.140.isakmp: isakmp: phase
2/others ? inf[E]: [|hash] (DF)
10:49:22.003163 219.93.97.140.isakmp > 10.218.101.150.isakmp: isakmp: phase
2/others ? inf[E]: [|hash] (DF)
"
Thanks
Regards,
Shi Lang
-----Original Message-----
From: Paul Wouters [mailto:paul at xelerance.com]
Sent: Thursday, August 10, 2006 11:01 AM
To: Shi Lang
Cc: users at openswan.org
Subject: RE: DPD
On Thu, 10 Aug 2006, Shi Lang wrote:
> I have a doubt that when dpdaction=clear and reach dpdtimeout, the #19#25
> lines will be deleted. Is the whole "Private_test1" will be deleted also
> (like ipsec auto --delete Private_test1")?
Yes, with dpdaction=clear that will happen. With dpdaction=hold it will
be the equivalent of ipsec auto --down Private_test1.
Paul
More information about the Users
mailing list