[Openswan Users] Re-start connection after connection loss

Andrew Schwartz aschwartz at gmail.com
Tue Feb 10 12:04:03 EST 2009 

Paul,

Do you know if this would this help with my issue?  I'm copying the issue
below:

"I'm having an issue with Openswan 2.4.9 running on Ubuntu 8.04.

I have a site-to-site VPN that periodically goes down and doesn't come back
up.  I need to "kick" it with "ipsec auto --down <connectionname> && ipsec
auto --up <connectionname>" or else it never comes back online.

If anyone has any idea, I'd appreciate it.  Also, if there are any logs that
would be helpful for diagnostics, please let me know.  Unfortunately, I
can't reproduce the problem easily (I just have to wait until it gets in the
stuck state, at which point I unstuck it).  So, if I need to try some
command while the problem is occurring (to produce logs for instance), it
may be a couple of weeks+ before I can send them."

My settings are:

"conn [ConnName]
        left=[LeftIP]
        leftsubnet=[LeftSubnet]
        keyexchange=ike
        ike=3des-sha1
        esp=3des-sha1
        authby=secret
        leftid=[LeftIP]
        ikelifetime=480m
        keylife=28800s
        pfs=no
        right=[RightIP]
        rightsubnet=[RightSubnet]
        auto=start"

Thanks!


On Tue, Feb 10, 2009 at 7:33 AM, Paul Wouters <paul at xelerance.com> wrote:

> On Tue, 10 Feb 2009, Michael Schwartzkopff wrote:
>
> > I want to make my OpenSWAN to restart the connection after a failure
> occured.
> > My I put my connection to auto=start. But this does not seem to help. I
> also
> > tried to use dpdaction=hold. No restart also.
> > kyingtries in not set. So it should be default (0).
> >
> > Is there a timeout (rekey, keylife ?) when openswan tries to reconnect to
> the
> > other gateway?
> >
> > Does dpdaction=hold prohibit this?
>
> You should use dpdaction=restart
>
> Paul
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090210/bb2b70b6/attachment.html

More information about the Users mailing list