[ previous ] [ next ] [ threads ]
 
 From:  Cameron Showalter <cameron at gwschool dot com>
 To:  Cameron Showalter <cameron at gwschool dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] vpn tunnel dropping
 Date:  Wed, 15 Jun 2005 14:28:12 -0700 
I think I answered my own question.   changing the lifetime to 4000 
seconds seems to have fixed it for now. 

Cameron Showalter wrote:

> lifetime is set at 400 seconds for both phase1 and 2, on both ends.  
> should it be set to longer?  all other connections are identical, and 
> do not drop - at least I'm not seeing them drop.
>
> thanks,
> cameron
>
>
> Josh Simoneau wrote:
>
>> What are you using for phase 1 and phase 2 times on either side? Are
>> they the same on both ends?
>>
>> Regards,
>> Josh Simoneau
>>
>>
>> -----Original Message-----
>> From: Cameron Showalter [mailto:cameron at gwschool dot com] Sent: 
>> Wednesday, June 15, 2005 2:50 PM
>> To: m0n0wall at lists dot m0n0 dot ch
>> Subject: [m0n0wall] vpn tunnel dropping
>>
>> Hello,
>> I have 8 tunnels working, with data flowing very nicely.   except for 
>> this one tunnel that i continue having issues with.   it happens to 
>> be my only tunnel that required an extra static route to properly 
>> connect.   the live ip for that endpoint is a dsl modem, then behind the
>>
>> dsl modem is my symantec fw/vpn applicance model 100.  the symantec 
>> box has a wan IP of 192.168.254.2.     so on my end I have a static 
>> route set in m0n0 as:
>> LAN     192.168.254.0/24     66.60.133.##
>>
>>
>> which works mostly, but every five minutes I recieve emails from
>> 'node-runner' my nms stating that the connection is down.  once I ping
>> the private IP 99% of the time,  it comes back.  I've had them power
>> cycle the symantec box twice because I couldnt even ping the
>> 66.60.133.xx IP.
>> I've resorted to a crontab entry the sends out 10 pings on the remote
>> side to a local IP every five minutes and that seems to help, but not
>> completely  resolve the problem.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>>  
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>