Re: [m0n0wall] IPSEC VPN requires daily restart

From:	Matt Brown <matt at mbrown dot co dot uk>
To:	Chris Buechler <cbuechler at gmail dot com>
Cc:	M0n0Wall <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] IPSEC VPN requires daily restart
Date:	Mon, 9 May 2005 22:23:47 +0100

On 9 May 2005, at 22:12, Chris Buechler wrote:

> On 5/9/05, Matt Brown <matt at mbrown dot co dot uk> wrote:
>
>>
>> On 9 May 2005, at 21:31, Chris Buechler wrote:
>>
>>
>>> On 5/9/05, Matt Brown <matt at mbrown dot co dot uk> wrote:
>>>
>>>
>>>>
>>>> I am having a small problem with VPN's, I have managed to get
>>>> multiple m0n0 to m0n0 VPN's running for various sites - but they  
>>>> seem
>>>> to require a manual restart every day.
>>>>
>>>>
>>>>
>>>
>>> That usually happens when you have mismatched timeouts on one or  
>>> both
>>> phases.  Otherwise check your SAD on both sides under Diagnostics ->
>>> IPsec and see what it's showing.
>>>
>>>
>>
>> Do you mean the lifetime value ? if so I have both of these blank (as
>> default) - should they have a value ? or will it mean they will just
>> disconnect sooner/later.
>>
>>
>
> Yeah, that's your problem right there.  Put in something (matching on
> both ends) there and it shouldn't do that.  I know somebody else had
> the same problem not too long ago with leaving it blank.  It's valid
> under some circumstances, but I wouldn't leave it that way for this
> setup.
>

Thanks Chris for you help. I shall set a value and see how that fairs.

Matt