|
||||||||
On 9/29/05, Matt Groener <MGroener at line6 dot com> wrote: > We have the same issue as well. Does anyone have an ipsec config they can share that is solid? I wonder if our timeout values are causing this. > my experience is m0n0wall's IPsec components don't stand up well under poor network conditions (frequent drops, etc.). can't really suggest much of anything, as my connections have never had these kind of issues since they tend to be solid (or at least more solid than described). Out of curiousity, what are your timeouts? Just be glad you aren't running a Cisco router site to site VPN. I have the misfortune of running a network of those at work. If a T1 hiccups for just a fraction of a second (making the serial int go down and up), the router drops its SA's and you have to manually clear the SA on the other end to get things to reconnect. I've put my m0n0wall's through much worse and didn't have to touch them. -Chris |