[Openswan Users] General VPN issues concerning dropped tunnels

[Sean Waite]

At the moment I have a VPN between a Cisco PIX (v6.3.5) and Endian Firewall 
(IPCop branch). This is the fourth VPN I have run, the previous being 
m0n0wall and pFsense, and an earlier version of Endian. A common problem 
between all of them has been random drops in the VPN. While everywhere I 
look the tunnel shows to be active, in fact no data crosses over. The first 
VPN I ever did with non Cisco equip was with m0n0wall, that did remain 
pretty stable, only occasionally dropping. The next pFsense last about 5-10 
minutes and then all traffic would cease, although both the PIX and pFsense 
reported the tunnel as active. A week ago I got so frustrated with Endian 
being so unreliable I went back and tried pFsense and m0n0wall again, with 
no luck. I went and re-installed Endian, and very strangely the VPN has been 
up now for a week without any interruptions. Yet I am basically using the 
same config. In fact I have hardly changed anything on the PIX side except 
for my IP address

As I am not very knowledgeable about IPSEC VPNs, I am curious to know what 
are the common causes I may have been experienced. In other words what is 
generally the problem to look at? I found personally the BSD logs of pfSense 
and m0n0wall to be useless to me at least, while the Linux ones 
unfortunately logged everything but the problems.

Sean Waite
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070428/bc41e325/attachment.html