[Openswan Users] vpn connection after internet reconnect
Paul Wouters
paul at xelerance.com
Sun Jan 15 23:51:54 CET 2006
On Sun, 15 Jan 2006, Andreas Lüdtke wrote:
> My internet provider is dropping my dsl line every 24 hours. After such a dsl reconnect,
> the vpn connection can only be re-established by stopping/starting Openswan.
> These are the error messages I get:
>
> Jan 15 05:57:16 (none) kern.warn pluto[6220]: "COMPANY" #25: ISAKMP SA expired (LATEST!)
> Jan 15 05:59:10 (none) kern.warn pluto[6220]: "COMPANY" #26: max number of retransmissions
> (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE
> message
> Jan 15 05:59:10 (none) kern.warn pluto[6220]: "COMPANY" #26: starting keying attempt 2 of
> an unlimited number
> Jan 15 05:59:10 (none) kern.warn pluto[6220]: "COMPANY" #27: initiating Main Mode to
> replace #26
>
> I help myself in running a cron job that will stop ipsec before the dsl line disconnects,
> and that start ipsec after the dsl is back online.
>
> Is there a better way of doing this (without stopping/starting ipsec)?
Use a custom _updown script using leftupdown=/path/to/your/script
See /usr/lib/ipsec/_updown as a reference to build on.
Paul
More information about the Users
mailing list