[ previous ] [ next ] [ threads ]
 
 From:  Trent the Uncatchable <trent underscore the underscore uncatchable at yahoo dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] Pix-Mono VPN SA Issue
 Date:  Mon, 22 Aug 2005 12:52:22 -0700 (PDT) 
Hi,

This is the same symptom that I described in my above
post.  I also used the PIX to Mono setup in the
handbook and have the same results as Don.  I'll have
to check my logs when I get home to provide you the
M0n0 error message.

Any help would be appreciated here as well.

Thanks,

Thanks for the response, Chris.  I've wondered about
the satellite issue
myself.  It's a DoD spec connection (from what I'm
told).  We get ping
responses between 600-700ms.  I'll do some more
experimenting with the
settings but this kind of has me stumped.   

-----Original Message-----
From: Chris Buechler [mailto:cbuechler at gmail dot
com] 
Sent: Wednesday, August 03, 2005 4:52 PM
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Pix-Mono VPN SA Issue

On 8/3/05, Don Gray <don at netcaliber dot com> wrote:
> Nobody have an answer for this?
> 

I wrote the part of the docs you linked.  Everything
appears to match up
just fine to what I was using at the time (don't have
that tunnel up
anymore, that was a previous employer) and it always
worked flawlessly when
initiated from either end.  I even googled on that
error message and came
upon my own website with a log from some duplicate SA
issues I was having a
while back, and I wasn't having any negotation issues
at the time.

Only thing that catches my eye is "satellite link." 
If it's the typical
residential satellite connection like through DirecWay
or similar, those
have huge latency compared to typical broadband
connections, and even
several times higher than dial up usually.  If that's
the case, maybe when
the PIX initiates, it just doesn't wait long enough
for the SA to establish.
Shot in the dark, since nobody else seems to have an
answer.  :)

-Chris

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at
lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at
lists dot m0n0 dot ch

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com