[Openswan Users] openswan -> cisco 3080 :: 2 tunnels, the 2nd goes always down
Sebastien COUPPEY
sebastien.couppey at zero9.it
Fri Jan 25 03:57:15 EST 2008
Hello,
I have a 2 connections with :
openswan -> cisco VPN 3080
however the 2nd connection goes always down and only restart after a
while.
according to the ipsec auto --status, it seems that the tunnel is UP
as I can see :
500 STATE_QUICK_I2 (sent QI2, IPsec SA established)
for both of the conns.
I tried :
- setup the lifetime on both sides
- enable the dpd detection (after the talks on IRC)
Here is my configuration :
conn milano-to-roma
authby=secret
left=151.2.117.100
leftsubnet=10.0.1.0/27
leftnexthop=%defaultroute
right=223.120.147.100
rightsubnet=10.6.67.0/24
rightnexthop=%defaultroute
ikelifetime=3600
keylife=28800
ike=3des-sha1-modp1024
esp=3des-sha1
dpddelay=30
dpdtimeout=120
dpdaction=hold
auto=start
conn milano-to-roma2
authby=secret
left=151.2.117.100
leftsubnet=10.0.1.0/27
leftnexthop=%defaultroute
right=223.120.147.100
rightsubnet=137.243.194.192/26
rightnexthop=%defaultroute
ikelifetime=3600
keylife=28800
ike=3des-sha1-modp1024
esp=3des-sha1
dpddelay=30
dpdtimeout=120
dpdaction=hold
auto=start
Did I forget something ?
Thanks for any tips
More information about the Users
mailing list