[Openswan Users] Re-establish tunnel after WAN outage
David McCullough
david_mccullough at mcafee.com
Wed Mar 3 18:30:38 EST 2010
Jivin Frank Murray lays it down ...
> Hi,
> I'm using Openswan at the mobile end of an IPSec link with a Cisco ISR at the gateway. The transport link is GSM so from time to time the link goes down and then returns. I'm using DPD to detect that the gateway is no longer present and this give me the option to place the sa in 'hold' mode or to clear the 'sa'.
>
> These options make sense if Openswan is at the gateway end but as the mobile end I'd prefer that Openswan detected the peer was unavailable and then tried to re-establish the tunnel.
depending on the openswan version:
dpdaction = restart
or
dpdaction = restart_by_peer
Cheers,
Davidm
--
David McCullough, david_mccullough at mcafee.com, Ph:+61 734352815
McAfee - SnapGear http://www.mcafee.com http://www.uCdot.org
More information about the Users
mailing list