[Openswan Users] Port floating and DPD

sertys at estates.bg sertys at estates.bg
Thu May 27 07:48:19 EDT 2010


I have been setting mobile VPNs for quite some time now. Mappings go
through the 3g operator's gateway natted. There're moments at which the
udp-mappings get deleted. It's an operator issue, but they seem to be
unable to fix it. I'm setting the dpd heartbeat at 120 seconds, which is
enough for the mapping not to be closed under normal conditions. But in
force majeure the mapping changes. If the SA has been mapped to
gprs-gate.operator.com:1234, i now receive packets from
gprs-gate.operator.com:5678. Is there a way to configure strongswan to
recognize these DPDs and re-map the SA or re-negotiate it. The devices
keep sending notify messages, but the answer goes to the old mapping.



More information about the Users mailing list