[Openswan Users] Prevent Connection Timeout
Paul Wouters
paul at xelerance.com
Wed Jan 24 09:26:19 EST 2007
On Wed, 24 Jan 2007, Sebastian Ries wrote:
> >
> > But after a while (over night) the connection is down and the only way I
> > know to open it again is to restart both (!) ipsec-deamons.
> > (There is no traffic on the tunnel during this time)
>
> I tested if the tunnel would stay up when there is traffic on it...
> Therefore I added a ping to my crontab every three minutes. This did not make
> a difference.
> The next day (today) the tunnel is down again.
Try enabling Dead Peer Detection, see the man page for dpdaction and dpdtimeout.
> > I found out that the connection is not really down, but in a "HOLD" state.
Or perhaps something is failing at rekey time. What do the logs say. It should
say something about what is going wrong.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list