[Openswan Users] Hi a problem about disconnection

[Spacelee]

On Mon, Dec 27, 2010 at 11:35 PM, Paul Wouters <paul at xelerance.com> wrote:

> On Mon, 27 Dec 2010, Spacelee wrote:
>
>  my system : xl2tp + openswan + ppp + freeradius + mysql
>> I set simultaneous-use = 1 for a test account in freeradius to limit the
>> online of one account at the same time.
>> my problem is when my WiFi or Mac OS shutdown suddenly, there is no time
>> for client to send disconnect signal to the server, so that server will
>> still
>> think the client is online, when the account try to log in next time, it
>> will meet authentication problem, as server thought it's already online.
>>
>
> This should work without problems. Perhaps you are using an old version of
> openswan?
>
>
This is my version, should I use the newest one?

ipsec --version
Linux Openswan U2.6.24rc5/K2.6.26-2-xen-amd64 (netkey)
See `ipsec --copyright' for copyright information.

xl2tpd --version
xl2tpd version:  xl2tpd-1.2.5





>
>  My question is in openswan or xl2tp, is there any configuration could
>> reach this same effect?
>>
>
> You could enable DPD (see man ipsec.conf) might I'm not sure if OSX
> supports them.
>


I think I have already enabled all of them :
conn L2TP-PSK-NAT
        overlapip=yes
        rightsubnet=vhost:%priv
        also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT
        authby=secret
        pfs=no
        auto=add
#       keyingtries=3
        rekey=no
        ikelifetime=8h
        keylife=1h
        type=transport
        left=xx.xx.xx.xx
        leftprotoport=17/1701
        right=%any
        rightprotoport=17/%any
        dpddelay=30
        dpdtimeout=60
        dpdaction=clear

>
> Paul
>



-- 
*Space Lee*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20101228/34d9c6ef/attachment-0001.html