As I posted to the list earlier, I'm having IPsec SA issues with
My post to the list:
> I seem to be having issues with IPsec SA's that cause one of my
> VPN's to go down on 1.2b1. The remote VPN endpoint is a Cisco PIX firewall.
> I ran into this same problem on 1.0 and 1.1, but only a couple
> times in about 5 months. It's happened 3 times in the last 9 hours.
The duplicate SA issue is happening to me almost exactly every 2 hours
today (give or take a few minutes). Always src IP PIX, dst IP
m0n0wall public IP, single SA in the other direction. Deleting all
the SA's for that connection makes it come back within a couple
It went down at 21:50, was back up at 22:00. Down again and back up
at 00:02. Did it again at about 02:06, though I don't have the log
for that period below. Go by the
syslog server's timestamps, not the ones from m0n0 as its clock is
off. Log file at http://chrisbuechler.com/m0n0wall/duplicate-sa.txt
(mailing list wouldn't accept msg with the log, as the message was
more than 30K with it)
12.202.x.x is the m0n0wall box in question, 216.135.x.x is a FreeBSD
w/racoon setup (not m0n0, but similar) and it's rock solid.
64.112.x.x is the PIX firewall that is the other endpoint of the
Relevant portion of config.xml:
If I can provide any more info, please let me know.