[ previous ] [ next ] [ threads ]
 
 From:  "Holger Bauer" <Holger dot Bauer at citec dash ag dot de>
 To:  <m0n0wall at lists dot m0n0 dot ch>, <tixe at tixe dot com dot ar>
 Subject:  AW: [m0n0wall] possible IPSEC-Bug in 1.2b3? please verify if possible
 Date:  Fri, 21 Jan 2005 18:42:43 +0100
As I have to connect two networks and not only one client to a network pptp 

configuration everything works fine, so it IS possible. The IP of the
dynamic side changes every 24 hours, so it is not an option to run this as 

from time to time either. I think something must have changed from 1.11
to 1.2b3 causing the failure as it is running with 1.11.


Von: Tixe Exit [mailto:tixe at tixe dot com dot ar] 
Gesendet: Freitag, 21. Januar 2005 18:35
An: m0n0wall at lists dot m0n0 dot ch
Betreff: RW: [m0n0wall] possible IPSEC-Bug in 1.2b3? please verify if possible


How you resolved, the thing that the into the Statica m0n0 put the IP from
the dynamic (when the dynamic change every N Times ).

I tried to run IPSec into m0n0 from dynamic to dynamic, and i can't do that,
an from static to dynamic the same thing, only i can do work static to
static, ( i do no tryied to work with ipsec with mobile clients, for that i
use PPPTP ).

Tixe

-----Original Message-----
From: Holger Bauer [mailto:Holger dot Bauer at citec dash ag dot de]
Sent: Friday, January 21, 2005 2:23 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] possible IPSEC-Bug in 1.2b3? please verify if possible

Hi,

I have 2 m0n0s running with pppoe-connection, one with static IP, one with
dynamic IP.
I configured an IPSEC, the static one is accepting mobile clients, the
dynamic one is tunnelling to the static IP. The problem is the following:

(time up waiting for key). The logs of the static m0n0 show, that the
request
of the dynamic m0n0 comes in, after that it tries to generate a key which

but it is most common, that the next keyexchange fails then (the
reauthorisation after the lifetime has expired).
I downgraded first the dynamic m0n0 to 1.11 with no success, still the same
errors. After that I downgraded the static m0n0 to 1.11 and since this there
were no problems with the tunnel any more. The config.xml is still the same,
as I only downgraded the firmware of the running system without changing

checked the configuration several times.




know when).

Kind regards,
Holger Bauer




____________
Virus checked by G DATA AntiVirusKit




---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch



____________
Virus checked by G DATA AntiVirusKit
Version: AVK 15.0.2562 from 21.01.2005
Virus news: www.antiviruslab.com

____________
Virus checked by G DATA AntiVirusKit