[Openswan Users] Duplicate Tunnels

Paul Wouters paul at xelerance.com
Tue Jul 25 23:15:25 CEST 2006


On Tue, 25 Jul 2006, doug.johnson at vifanusa.com wrote:

> Everything is working between two LAN's using IPSEC. However I have
> noticed that if I put auto = start on both server configs I sometimes get
> two tunnels between the sites if connection was broke and was
> re-established. Is this expected or is there a problem that I need to
> further investigate? Or, do I only need to put auto = start on one of the
> tunnel servers?

Using auto=start on both ends ensures they both try to re-establish the
tunnel if things go wrong. If one end never realised one tunnel went
away, you might see the second one. Though if you use uniqueids=yes,
it should also kill the old tunnel.

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155


More information about the Users mailing list