I'm experiencing IPsec re-establishment troubles again, after upgrading
both endpoints to 1.2b1 this morning.
For your information:
I've been testing Fred's pre-1.2b1 image with my two net4501 for a week
with no problem.
I've been using the following settings:
<shellcmd>sysctl -w net.key.preferred_oldsa=-30</shellcmd>
<shellcmd>echo >>/tmp/pinger.sh ping -i 5 -c 24 -S '$1'
<shellcmd>echo >>/tmp/pinger.sh exec ping -i 60 -S '$1'
<shellcmd>sh /tmp/pinger.sh 192.168.5.254 192.168.1.254 >/dev/null
Of course, in my current setup (1.1b2) I've simply removed the
<shellcmd> entries. Should I consider using them again in place of the
WebGUI keepalive option?
Has the 'obey' -> 'claim' change affected my setup (like Chris
Buechler), even if I use only m0n0wall on both sides of the tunnel?
Comments (and solutions ;-) are welcome!