[Openswan Users] Problem recovering VPN after losing WAN
Nick Howitt
n1ck.h0w1tt at gmail.com
Thu Oct 14 16:08:52 EDT 2010
Hi,
I was on a bug hunt because I've noticed a problem when I lose my WAN.
The symptoms are the WAN (cable modem or upstream) goes down the VPN
reconnects but won't route traffic. I got nowhere with this because I
hit something else.
My set up is
PC <--> ClearOS 5.2/Openswan 2.6.29 <--> internet <--> Draytek 2900 with
VPN endpoint
The Draytek router calls ClearOS. I have tried with DPD enabled and have
tested with dpdaction = reset and clear and I have tried with DPD
disabled. If I take down the ClearOS WAN with "ifdown eth0" and bring it
back up again, the connection never comes back up again. To bring the
connection back up I must restart ipsec or do an "ipsec auto --replace
MumIn" and the VPN immediately restarts. To me the problem must be at
the ClearOS/Openswan end but I've no idea where to go next with the
troubleshooting.
If it helps my sanitised conf is:
version 2.0
config setup
interfaces=%defaultroute
oe=no
protostack=netkey
conn %default
type=tunnel
authby=secret
keyingtries=%forever
left=%defaultroute
leftsubnet=192.168.2.0/24
leftsourceip=192.168.2.1
conn MumIn
auto=add
rekey=no
right=far.fqdn
rightsubnet=192.168.10.0/24
rightid=@FromMum
dpdtimeout=120
dpddelay=30
dpdaction=restart
Can you help?
Thanks,
Nick
More information about the Users
mailing list