[ previous ] [ next ] [ threads ]
 From:  Cameron Showalter <cameron at gwschool dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] vpn tunnel dropping
 Date:  Wed, 15 Jun 2005 13:40:39 -0700
lifetime is set at 400 seconds for both phase1 and 2, on both ends.  
should it be set to longer?  all other connections are identical, and do 
not drop - at least I'm not seeing them drop.


Josh Simoneau wrote:

>What are you using for phase 1 and phase 2 times on either side? Are
>they the same on both ends?
>Josh Simoneau
>-----Original Message-----
>From: Cameron Showalter [mailto:cameron at gwschool dot com] 
>Sent: Wednesday, June 15, 2005 2:50 PM
>To: m0n0wall at lists dot m0n0 dot ch
>Subject: [m0n0wall] vpn tunnel dropping
>I have 8 tunnels working, with data flowing very nicely.   except for 
>this one tunnel that i continue having issues with.   it happens to be 
>my only tunnel that required an extra static route to properly 
>connect.   the live ip for that endpoint is a dsl modem, then behind the
>dsl modem is my symantec fw/vpn applicance model 100.  the symantec box 
>has a wan IP of     so on my end I have a static route 
>set in m0n0 as:
>LAN 	66.60.133.##
>which works mostly, but every five minutes I recieve emails from
>'node-runner' my nms stating that the connection is down.  once I ping
>the private IP 99% of the time,  it comes back.  I've had them power
>cycle the symantec box twice because I couldnt even ping the
>66.60.133.xx IP. 
>I've resorted to a crontab entry the sends out 10 pings on the remote
>side to a local IP every five minutes and that seems to help, but not
>completely  resolve the problem.
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch