Manuel,

I'm experiencing IPsec re-establishment troubles again, after upgrading 
both endpoints to 1.2b1 this morning.


For your information:

I've been testing Fred's pre-1.2b1 image with my two net4501 for a week 
with no problem.

I've been using the following settings:

<shellcmd>sysctl -w net.key.preferred_oldsa=-30</shellcmd>
<shellcmd>echo &gt;&gt;/tmp/pinger.sh ping -i 5 -c 24 -S '$1' 
'$2'</shellcmd>
<shellcmd>echo &gt;&gt;/tmp/pinger.sh exec ping -i 60 -S '$1' 
'$2'</shellcmd>
<shellcmd>sh /tmp/pinger.sh 192.168.5.254 192.168.1.254 &gt;/dev/null 
2&gt;/dev/null&amp;</shellcmd>

Of course, in my current setup (1.1b2) I've simply removed the 
<shellcmd> entries. Should I consider using them again in place of the 
WebGUI keepalive option?

Has the 'obey' -> 'claim' change affected my setup (like Chris 
Buechler), even if I use only m0n0wall on both sides of the tunnel?

Comments (and solutions ;-) are welcome!

-- Vincent