[Openswan Users] vpn connection after internet reconnect

Paul Wouters paul at xelerance.com
Sun Jan 15 23:51:54 CET 2006

On Sun, 15 Jan 2006, Andreas Lüdtke wrote:

> My internet provider is dropping my dsl line every 24 hours. After such a dsl reconnect,
> the vpn connection can only be re-established by stopping/starting Openswan.
> These are the error messages I get:
> Jan 15 05:57:16 (none) kern.warn pluto[6220]: "COMPANY" #25: ISAKMP SA expired (LATEST!)
> Jan 15 05:59:10 (none) kern.warn pluto[6220]: "COMPANY" #26: max number of retransmissions
> (20) reached STATE_MAIN_I1.  No response (or no acceptable response) to our first IKE
> message
> Jan 15 05:59:10 (none) kern.warn pluto[6220]: "COMPANY" #26: starting keying attempt 2 of
> an unlimited number
> Jan 15 05:59:10 (none) kern.warn pluto[6220]: "COMPANY" #27: initiating Main Mode to
> replace #26
> I help myself in running a cron job that will stop ipsec before the dsl line disconnects,
> and that start ipsec after the dsl is back online.
> Is there a better way of doing this (without stopping/starting ipsec)?

Use a custom _updown script using leftupdown=/path/to/your/script

See /usr/lib/ipsec/_updown as a reference to build on.


More information about the Users mailing list