|
||||||||||
Joost, Great thanks! Dear All, This feature is very important for us, also it is very urgent for us. Could any one make sure if it is one problem with DPD? And could it is fixed in the latest release of m0n0wall or Pfsense? Thanks in advance! Merry Christmas! Jian -----Original Message----- From: Joost van den Broek [mailto:joost at seat dash ibiza dot nl] Sent: 2007Äê12ÔÂ17ÈÕ 7:33 PM To: kingz at westernmobile dot net Cc: m0n0wall at lists dot m0n0 dot ch Subject: Re: [m0n0wall] can't re-create ipsec tunnel automatically after peer side poweroff Jian Zhang schreef: > Dear all, > > We are using one M0n0wall Box(using M0n0wall 1.22) in A city, and in city B > we have one Dlink OFL 300 box create one IPSEC tunnel (as mobile ipsec) to > that M0n0wall in City A, the tunnel works well; then after that Dlink box > power off or Internet link broken, Dlink box can not create that IPSEC > tunnel to City A again automatically, only after releasing SA of that old > tunnel on M0n0wall of City A, Dlink can create one IPSEC tunnel to M0n0wall > again. This is the problem. > > I am not sure if it is about Dead peer detection (DPD) of IPSEC. Could you > help to look into this problem? > > If so, Could m0n0wall support DPD? Which version of m0n0wall can support? > > > Any hint, comment or suggestion will be highly appreciated! > > > > Merry Christmas! > > > > Jian > Hi Jian, Afaik this indeed has to do with the lack of DPD support and we're also experiencing this problem. Not sure if this is gonna fixed in some future release, but the described behaviour is unfortunately as expected. The only solution for now, and recommended in most situations anyway, is using the same device (not m0n0wall) on both sides with DFD support. Joost |