[Openswan Users] IP cache on ADSL Connections

Paul Wouters paul at xelerance.com
Wed Nov 7 14:57:40 EST 2007

On Wed, 7 Nov 2007, Frederico Madeira wrote:

> I have a central server with static ip and I'm installing few clients
> using ADSL lines.
> For this clients, the ip assignment is dynamic.
> I'm using no-ip hostnames in ipsec.conf. (right=host.no-ip.org)
> My vpn type is net-to-net.
> I've setup the first connection and was ok.
> After fisrt client reboot, it can't eestablish connections.
> In server log i saw:
> Nov  7 16:19:53 vpn pluto[12087]: ERROR: asynchronous network error
> report on eth1 (sport=500) for message to port 500,
> complainant Connection refused [errno 111, origin ICMP
> type 3 code 3 (not authenticated)]
> Nov  7 16:19:54 vpn pluto[12087]: packet from
> ignoring unknown Vendor ID payload [4f455a7e4261425d725c705f]
> Nov  7 16:19:54 vpn pluto[12087]: packet from
> received Vendor ID payload [Dead Peer Detection].
> In first message server tried to do something using the old client
> ip(before restart), and for sub sequential messages used
> correct ip(after restart)
> I solve this problem restarting ipsec service on server..
> How can I solve this problem without server restart ?

Do you have rekey=no?

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list