[Openswan Users] Re-establish tunnel after WAN outage
Frank Murray
frankm at klasonline.com
Thu Mar 4 04:06:39 EST 2010
Thanks David,
That worked perfectly - I'm using Openswan 2.6.22 on a 2.6.31 kernel.
BTW I see that you work on Snapgear. I currently use it on an Intel IXP425 platform and found the build environment to be very elegant and flexible. I didn't come across any public forums where Snapgear was discussed though so can you point me in the right direction?
Cheers,
Frank
On 3 Mar 2010, at 23:30, David McCullough wrote:
> Jivin Frank Murray lays it down ...
>> Hi,
>> I'm using Openswan at the mobile end of an IPSec link with a Cisco ISR at the gateway. The transport link is GSM so from time to time the link goes down and then returns. I'm using DPD to detect that the gateway is no longer present and this give me the option to place the sa in 'hold' mode or to clear the 'sa'.
>>
>> These options make sense if Openswan is at the gateway end but as the mobile end I'd prefer that Openswan detected the peer was unavailable and then tried to re-establish the tunnel.
>
> depending on the openswan version:
>
> dpdaction = restart
>
> or
>
> dpdaction = restart_by_peer
>
> Cheers,
> Davidm
>
>
> --
> David McCullough, david_mccullough at mcafee.com, Ph:+61 734352815
> McAfee - SnapGear http://www.mcafee.com http://www.uCdot.org
More information about the Users
mailing list