[Openswan Users] Dead Peer Detection restart causes tunnel to be established, but afterwards cannot ping from either side

Geekman the1geekman at gmail.com
Wed Oct 12 09:11:12 EDT 2011


Just a few things, in case anyone comes a long with similar problems in future.

>>
>> Note that it is likely that the RV042 contains a version of freeswan or
>> older openswan. You might be able to make a custom firmware with upgraded
>> openswan on it.
>>
>> Paul
>>

Seems you were correct, I tracked down some documents relating to the
RV042 which states 1.3.13.x firmware uses FreeSWAN 2.06. With the age
of that release, I guess its no surprise that I'm having some issues.

It seems as part of their release notes, they provide a list of all
OpenSource software:
http://www.cisco.com/en/US/products/ps9923/prod_release_notes_list.html#anchor2

The newer V3 hardware with 4.x firmware seems to instead use
StrongSwan 4.0.4, so it'll be interesting to see how that goes, as I
haven't tested with one of those yet.

> I haven't actually tried the later V3 hardware model, so I will see
> how that goes.
>
> I'll see what I can do about the custom firmware.
>
> Thanks.
>

I was looking at custom firmware on the RV series, its not looking too
hopeful. It seems like someone was sponsoring getting DD-WRT running
on them, but it has been slow going and hasn't happened yet.

http://www.dd-wrt.com/phpBB2/viewtopic.php?t=46764&postdays=0&postorder=asc&start=90

As I understand it, though, because the software used is licensed
under GPL, they are obligated to provide source code for a lot of
these products, I am hoping the RVxx models are included in this. So
I've put in a request for a copy of the source code. With any luck, I
might be able to compile new firmware running OpenSwan.

Thanks all.


More information about the Users mailing list