[Openswan Users] L2TP/IPSec breaks after 1 hour, no further login possible
Muenz, Michael
m.muenz at spam-fetish.org
Thu Jul 10 11:21:31 EDT 2008
Paul Wouters schrieb:
>> The system is a Debian Etch, OpenSwan 2.4.12 with xl2tp 1.1.12.
>
> Upgrade xl2tpd to 1.2.x ?
Oh, website states latest release is 1.1.12. Is 1.2.X stable enough?
> Why is your server rekeying? The clients should only rekey. Add rekey=no
> to your configuration.
Nice hint, thanks!
> Windows does not support DPD.
Ok, so does OpenSwan drop packets from clients with
isakmp-nat-keep-alive? In my tcpdump on the server I always see:
"IP client.1052 > server.4500: isakmp-nat-keep-alive"
from users with no errors.
Thanks,
Michael
More information about the Users
mailing list