[Openswan Users] Problem recovering VPN after losing WAN
n1ck.h0w1tt at gmail.com
Fri Oct 15 10:18:43 EDT 2010
The Draytek is Always On and Dial Out only. It reconnects as soon as
Openswan allows it, either by restarting ipsec or reloading the conn. I
thought the DPD action should take care of it.
On 15/10/2010 09:18, Paul Overton wrote:
> I would take a closer look at the Draytek....
> I have had the same experience with OpenSwan and Draytek a number of
> times over the last few years, they generally work better with the
> Draytek VPN services with "always on" and "dial out" only selected. Not
> ideal but can resolve some of these issues.
> Regards Paul
> -----Original Message-----
> From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
> Behalf Of Nick Howitt
> Sent: 14 October 2010 21:09
> To: users at openswan.org
> Subject: [Openswan Users] Problem recovering VPN after losing WAN
> I was on a bug hunt because I've noticed a problem when I lose my WAN.
> The symptoms are the WAN (cable modem or upstream) goes down the VPN
> reconnects but won't route traffic. I got nowhere with this because I
> hit something else.
> My set up is
> PC<--> ClearOS 5.2/Openswan 2.6.29<--> internet<--> Draytek 2900 with
> VPN endpoint
> The Draytek router calls ClearOS. I have tried with DPD enabled and have
> tested with dpdaction = reset and clear and I have tried with DPD
> disabled. If I take down the ClearOS WAN with "ifdown eth0" and bring it
> back up again, the connection never comes back up again. To bring the
> connection back up I must restart ipsec or do an "ipsec auto --replace
> MumIn" and the VPN immediately restarts. To me the problem must be at
> the ClearOS/Openswan end but I've no idea where to go next with the
> If it helps my sanitised conf is:
> version 2.0
> config setup
> conn %default
> conn MumIn
> Can you help?
> Users at openswan.org
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
More information about the Users