IPSEC connection drops and doesn't recover
Antony Mawer
fbsd-net at mawer.org
Tue Jul 31 02:53:50 UTC 2007
On 31/07/2007 10:52 AM, Isaac Kohen wrote:
> I'm running 6.2-REL. My kernel is compiled with IPSEC, IPSEC_ESP, and
> IPSEC_DEBUG. I've installed ipsec-tools 0.6.7.
>
> I've had an openbsd ipsec/vpn gateway for several years that recently died
> as a result of hardware failure. I moved my configuration from isakmpd to
> racoon
> and can connect successfully to all the linksys vpn "routers" that I could
> connect to before. Problem is that after a few hours the connection drops
> and doesn't come back up until I do setkey -F and setkey -FP and restart
> racoon. My openbsd/isakmpd setup worked very well so I'm guessing it's not
> those cheap linksys boxes.
>
> I thought it was racoon at first, so I installed and ran isakmpd on freebsd
> using my isakmpd.conf from the openbsd box that I knew worked, but the same
> problem persisted.
Another "me too" -- we have been running an IPSEC link between FreeBSD
6.2-RELEASE gateway and a Billion 7404VGO VPN router. The VPN link
itself operates fine, but frequently the connection drops and we have to
go through a song-and-dance of restarting racoon, the VPN router, etc
trying to get it back up and running.
I haven't got around to tracking down the exact sequence necessary to
bring it back up and running, but eventually after restarting everything
we manage to get things operating again (until the next time).
I will try and find some more details when I get the opportunity...
--Antony
More information about the freebsd-net
mailing list