[Openswan Users] IP cache on ADSL Connections
Frederico Madeira
fmadeira at gmail.com
Wed Nov 7 14:33:42 EST 2007
Hi guys,
I have a central server with a static IP and I'm installing a few clients
using ADSL lines.
For these clients, the IP assignment is dynamic.
I'm using no-ip hostnames in ipsec.conf (right=host.no-ip.org).
My VPN type is net-to-net.
I've set up the first connection and it was OK.
After the first client reboot, it can't reestablish connections.
In the server log I saw:
Nov 7 16:19:53 vpn pluto[12087]: ERROR: asynchronous network error report on eth1 (sport=500) for message to 189.70.99.52 port 500, complainant 189.70.99.52: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
Nov 7 16:19:54 vpn pluto[12087]: packet from 189.70.153.230:500: ignoring unknown Vendor ID payload [4f455a7e4261425d725c705f]
Nov 7 16:19:54 vpn pluto[12087]: packet from 189.70.153.230:500: received Vendor ID payload [Dead Peer Detection].
In the first message the server tried to do something using the old client
IP (before restart) 189.70.99.52, and for subsequent messages used the
correct IP (after restart) 189.70.153.230.
I solved this problem by restarting the ipsec service on the server.
How can I solve this problem without a server restart?
Thanks.
--
Frederico Madeira
fmadeira at gmail.com
www.madeira.eng.br