[Openswan Users] Problem with DPD.
Paul Wouters
paul at xelerance.com
Thu Nov 6 12:16:27 EST 2008
On Thu, 6 Nov 2008, Anirudh Kamatgi wrote:
> I have a gateway-gateway tunnel setup using OpenSwan version 2.6.16 and have
> DPD enabled with dpddelay=60, dpdtimeout=120 and dpdaction=hold.
> I am facing a problem when I bring one end of the tunnel down( ipsec auto
> --down 'tunnel name' followed by ipsec auto --delete 'tunnel name' ).
Using --down *informs* the other end that the tunnel is going down. it
is not the same as crashing or unplugging the machine.
> The tunnel is obviously not established because there is no line containing
> "IPsec SA established" anywhere in the output of ipsec auto --status.
It will also not be able to re-establish, since you --delete'ed the
connection.
Paul
More information about the Users
mailing list