[Openswan Users] L2TP/IPSec breaks after 1 hour, no further login possible

Muenz, Michael m.muenz at spam-fetish.org
Thu Jul 10 11:21:31 EDT 2008

Paul Wouters schrieb:
>> The system is a Debian Etch, OpenSwan 2.4.12 with xl2tp 1.1.12.
> Upgrade xl2tpd to 1.2.x ?

Oh, website states latest release is 1.1.12. Is 1.2.X stable enough?

> Why is your server rekeying? The clients should only rekey. Add rekey=no
> to your configuration.

Nice hint, thanks!

> Windows does not support DPD.

Ok, so does OpenSwan drop packets from clients with 
isakmp-nat-keep-alive? In my tcpdump on the server I always see:

"IP client.1052 > server.4500: isakmp-nat-keep-alive"

from users with no errors.


More information about the Users mailing list