[Openswan Users] Connection over IPSec times out after exactly 15 minutes

Kevin Keane subscription at kkeane.com
Tue Oct 4 15:28:31 EDT 2011


I'm trying to troubleshoot a problem with another application that 
appears to be related to IPSec. I was hoping to pick the collective 
brains to solve this.

The application in question is bacula, a client-server backup 
application. I have a few servers in a data center in Illinois, and a 
few servers in the home office in California. The bacula director and 
storage (bacula's server side) is in California; the file daemon (client 
side) is in Illinois. Tha data being backed up thus is supposed to 
travel through the IPSec tunnel.

I used to use an SSH tunnel to connect Illinois and California - and in 
fact, two of the servers still use that mechanism without a problem.

Recently, I started using an IPSec tunnel (openswan to a Sonicwall 
device) instead - for now only on one of the servers. Ever since, 
backups of this one server started failing after exactly 15 minutes. The 
error message is, on both sides, Connection reset by peer.

I already asked on the bacula mailing list; somebody there pointed me to 
tcpmss clamping. As I was reading up on it, it didn't sound like it was 
my problem (it doesn't seem to explain why data flows fine for 15 
minutes, and then suddenly stops), but I have to admit that I don't 
fully understand it.


More information about the Users mailing list