[Openswan Users] Tunnel goes down for no reason

Paul Wouters paul at xelerance.com
Tue Sep 11 13:14:54 EDT 2007

On Tue, 11 Sep 2007, Roland Plüss wrote:

> > It does a restart, but unfortunately does not do a new DNS lookup at this
> > point.
> >
> Any chance to get OpenSwan to reload this IP?

Only by using ipsec auto --replace connname

> Otherwise I would have to
> detect this change to restart the tunnel on both ends. Is it possible to
> change the scripts responsible for DPD ( meaning, the action taken when
> it is detected )? Because then I could register a restart of the
> services on both ends to happen after a couple of minutes ( the time it
> takes to propagate the new IP ).

You could run the --replace as part of a leftupdown= script.

> Sure a static IP is better but I'm still trying to get this "through" so
> if I get this working in the meantime it would be nice.

Ask yourself the cost of a static IP, against the headaches and time you
are now investing.

Future versions of openswan will deal with dynamic hostnames properly.

Building and integrating Virtual Private Networks with Openswan:

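A sketch of the leftupdown= approach suggested in the message above, as an added example that is not part of the original post and not Openswan's own script: on a down event it waits for DNS to propagate, then issues `ipsec auto --replace` only if the peer's address actually changed, so the teardown caused by its own replace does not trigger another one. The peer hostname, state directory and 180-second delay are constructed values, and passing the stock `ipsec _updown` through first assumes the default updown handling should be kept.

```shell
#!/bin/sh
# Added example: leftupdown= wrapper that re-adds a connection after the
# peer's DNS record changed. Not Openswan's own script.
# Constructed defaults (assumptions): PEER_HOST, STATE_DIR, REPLACE_DELAY.
IPSEC="${IPSEC:-ipsec}"
PEER_HOST="${PEER_HOST:-peer.example.net}"
STATE_DIR="${STATE_DIR:-/var/run}"
REPLACE_DELAY="${REPLACE_DELAY:-180}"

# Current address of the peer's dynamic hostname (empty if the lookup fails).
resolve_peer() {
    getent hosts "$1" | awk '{ print $1; exit }'
}

# True for the verbs pluto passes when a tunnel is torn down.
is_down_verb() {
    case "$1" in
        down-host|down-client) return 0 ;;
        *) return 1 ;;
    esac
}

# Re-add and re-initiate connection $1 if the peer address differs from the
# one recorded last time. Exit status: 0 replaced and initiated, 1 address
# unchanged, 2 lookup failed, 3 --replace failed (cache left untouched).
replace_if_moved() {
    conn=$1
    cache="$STATE_DIR/peer-ip.$conn"
    new=$(resolve_peer "$PEER_HOST")
    [ -n "$new" ] || return 2
    old=$(cat "$cache" 2>/dev/null || true)
    [ "$new" != "$old" ] || return 1
    "$IPSEC" auto --replace "$conn" || return 3
    printf '%s\n' "$new" > "$cache"
    "$IPSEC" auto --up "$conn"
}

# Entry point when pluto invokes the script (pluto sets PLUTO_VERB).
if [ -n "${PLUTO_VERB:-}" ]; then
    "$IPSEC" _updown                    # keep the stock routing handling
    rc=$?
    if is_down_verb "$PLUTO_VERB"; then
        # Wait for DNS to propagate; detached so the hook returns at once.
        ( sleep "$REPLACE_DELAY"; replace_if_moved "$PLUTO_CONNECTION" ) \
            </dev/null >/dev/null 2>&1 &
    fi
    exit "$rc"
fi
```

The first down event after installation always issues one replace, because no address has been recorded yet.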