[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Pix-Mono VPN SA Issue
 Date:  Wed, 3 Aug 2005 19:51:35 -0400
On 8/3/05, Don Gray <don at netcaliber dot com> wrote:
> Nobody have an answer for this?

I wrote the part of the docs you linked.  Everything appears to match
up just fine to what I was using at the time (don't have that tunnel
up anymore, that was a previous employer) and it always worked
flawlessly when initiated from either end.  I even googled on that
error message and came upon my own website with a log from some
duplicate SA issues I was having a while back, and I wasn't having any
negotation issues at the time.

Only thing that catches my eye is "satellite link."  If it's the
typical residential satellite connection like through DirecWay or
similar, those have huge latency compared to typical broadband
connections, and even several times higher than dial up usually.  If
that's the case, maybe when the PIX initiates, it just doesn't wait
long enough for the SA to establish.  Shot in the dark, since nobody
else seems to have an answer.  :)