[Openswan Users] question regarding set-up
Peter McGill
petermcgill at goco.net
Wed Aug 27 16:48:48 EDT 2008
Dan,
If you want DPD, then you must enable it, you have it off right now.
Add the following to your conn in ipsec.conf:
dpddelay=30
dpdtimeout=120
dpdaction=restart
Peter McGill
IT Systems Analyst
Gra Ham Energy Limited
> -----Original Message-----
> From: users-bounces at openswan.org
> [mailto:users-bounces at openswan.org] On Behalf Of Dan Meiron
> Sent: August 27, 2008 4:28 PM
> To: users at openswan.org
> Subject: [Openswan Users] question regarding set-up
>
> Attached is my ipsec.conf file which I use to make a road warrior
> connection with a Netgear FVS124G VPN gateway
>
> For the most part it works except for the following weirdness
>
> 1. I can't seem to get DPD to work - I use a hack of
> constantly pinging
> a host inside the 10.128 network so that the connection does not time
> out. The gateway does support DPD and when I use it with Netgear's
> client (Safenet) it does stay alive. Anything worth trying here?
>
> 2. the more severe problem is that on some nets I do the key exchange
> and routing successfully but I cannot ping or connect to anything. Is
> this a problem with my set-up? On many other nets everything
> works fine.
> I have checked with one provider and the ipsec ports are open
> and UDP is
> also passed, Any thoughts? I know this sounds weird but
> perhaps others
> had this experience
>
> thanks for any advice
>
> Dan
>
>
More information about the Users
mailing list