[Openswan Users] Dead Peer Detection restart causes tunnel to be established, but afterwards cannot ping from either side

[Geekman]

On Wed, Oct 12, 2011 at 6:13 AM, Paul Wouters <paul at xelerance.com> wrote:
> On Tue, 11 Oct 2011, Geekman wrote:
>
>> Furthermore, I was able to ping to the Cisco remote peer while our
>> RV042 remote peer I could not ping after a restart of IPSec; both
>> tunnels terminated at the same OpenSwan box. So it seems to me that
>> the issue is somehow specific to the IPSec implementation on the RV042
>> devices themselves.
>
> Try flashing the RV042 with the latest firmware (4.0.4.02)
>
> http://www.cisco.com/cisco/software/release.html?mdfid=282414010&softwareid=282465789&release=4.0.4.02-tm&relind=AVAILABLE&rellifecycle=&reltype=latest
>
> Note that it is likely that the RV042 contains a version of freeswan or
> older openswan. You might be able to make a custom firmware with upgraded
> openswan on it.
>
> Paul
>

Hi Paul,

Thanks for the response. Unfortunately, that firmware version required
V3 hardware, which is a different model of the RV042. The latest
version of firmware I can use on the older model is 1.3.13.02, which
is what I used for at least one of the test tunnels back to our
office. The other RV042 is perhaps not the latest.

I haven't actually tried the later V3 hardware model, so I will see
how that goes.

I'll see what I can do about the custom firmware.

Thanks.