I think I have found a bug in 1.21. I have been using 1.2 for a while
now. These are the points of interest.
I have 2 IPSec VPN connections connecting us to 4 different hosts. Both
of these tunnels work perfectly on 1.2. The only time these connections
go down is when there is some problem on the remote end, not with the
Having said that, I tried upgrading a month ago to 1.21 which was
running off of a PC. I switched the firewall that previous night and
started it up and tested connectivity, everything appeared to be fine
(didn't check the vpn connections). Came in the next morning and I was
getting complaints that users couldn't get to those remote hosts through
the IPSec VPN tunnel. So I checked the tunnels. One of the tunnels was
up, but one was not. I called the remote host admins and asked what
could be wrong. They told me nothing changed on their side and so since
the only thing I changed was from 1.2 to 1.21 I decided it must be me.
Anyway, I took down 1.21 and put the 1.2 back in place. Both VPN tunnels
came up just fine and people continued to working.
I recently got approved for a soekris net4801 with the vpn1411 addon
board (joy). I decided I would try the net48xx version of 1.21 and see
if that made a difference. It was no different. This time I tested the
VPN connections before I left and discovered that the same problem as
before was still there. So I had to flash my CF card with 1.2 instead of
1.21 and bring the soekris up with 1.2. There again, both VPN tunnels
came up fine.
I'm not even sure where to start looking for a solution to this problem
I'm seeing. Not really sure if it IS a problem but something has
definitly changed between 1.2 and 1.21 that breaks my VPN tunnels.
Just wanted to let everyone know what I found. I'm not looking for a
solution so much as I wanted the list to know about the problem. I'm
perfectly fine with 1.2.