[Openswan Users] IP cache on ADSL Connections

Frederico Madeira fmadeira at gmail.com
Thu Nov 8 08:15:00 EST 2007


No.
I'll add and test.

What is the function of this parameter ?

Thanks.

-- 
Frederico Madeira
fmadeira at gmail.com
www.madeira.eng.br


2007/11/7, Paul Wouters <paul at xelerance.com>:
> On Wed, 7 Nov 2007, Frederico Madeira wrote:
>
> > I have a central server with static ip and I'm installing few clients
> > using ADSL lines.
> > For this clients, the ip assignment is dynamic.
> > I'm using no-ip hostnames in ipsec.conf. (right=host.no-ip.org)
> > My vpn type is net-to-net.
> >
> > I've setup the first connection and was ok.
> > After fisrt client reboot, it can't eestablish connections.
> >
> > In server log i saw:
> >
> > Nov  7 16:19:53 vpn pluto[12087]: ERROR: asynchronous network error
> > report on eth1 (sport=500) for message to 189.70.99.52 port 500,
> > complainant 189.70.99.52: Connection refused [errno 111, origin ICMP
> > type 3 code 3 (not authenticated)]
> > Nov  7 16:19:54 vpn pluto[12087]: packet from 189.70.153.230:500:
> > ignoring unknown Vendor ID payload [4f455a7e4261425d725c705f]
> > Nov  7 16:19:54 vpn pluto[12087]: packet from 189.70.153.230:500:
> > received Vendor ID payload [Dead Peer Detection].
> >
> > In first message server tried to do something using the old client
> > ip(before restart) 189.70.99.52, and for sub sequential messages used
> > correct ip(after restart) 189.70.153.230.
> >
> > I solve this problem restarting ipsec service on server..
> > How can I solve this problem without server restart ?
>
> Do you have rekey=no?
>
> Paul
> --
> Building and integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>


More information about the Users mailing list