[ previous ] [ next ] [ threads ]
 
 From:  Joe <j dot commisso at verizon dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: ipsec vpn starts one-way
 Date:  Sat, 19 Apr 2008 12:46:10 -0400 
I just noticed that the site on the right has 22045 LAN collisions while
the site on the left has 0.

The site on the right also has an older LAN NIC and is at "10baseT/UTP
<half-duplex>". I think the LAN NIC is a 3com.

>From "dmesg" command:

xl0: <3Com 3c900B-TPC Etherlink XL> port 0xdc00-0xdc7f mem
0xdb800000-0xdb80007f irq 10 at device 8.0 on pci0
xl0: selecting 10baseT transceiver, half duplex
xl1: <3Com 3c905B-TX Fast Etherlink XL> port 0xe000-0xe07f mem 0xdb801000-0xdb80107f irq 11 at
device 10.0 on pci0
miibus0: <MII bus> on xl1
xlphy0: <3Com internal media interface> on miibus0
xlphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto

xl0 is the LAN and xl1 is the WAN.




On Sat, 2008-04-19 at 12:11 -0400, Joe wrote:
> As an added note on this, I don't know if I made myself too clear.
> Being that the tunnel only forms when pinging from the left, this is a
> big problem for us, since I can't do it during working hours because
> users (on the right) sessions get severed. 
> 
> Our business structure has sessions initiating on the right end, but
> m0n0wall only builds the tunnel when pinging from the left.
> After that, everything seems fine.
> 
> I don't know what added info to include on this issue, but will be glad
> to provide it if needed.
> 
> Thanks,
> Joe
> 
> 
> 
> On Fri, 2008-04-18 at 21:57 -0400, Joe wrote:
> > Hi,
> > 
> > I have an ipsec 1.3b10 - 1.3b11 tunnel running between two static IP
> > addresses.
> > 
> > I also have a m0n0wall server at home where I have a non-static DSL
> > modem.
> > 
> > When I power up my home systems, I check the home IP address of my
> > m0n0wall server here. Then I log into one of the static IP m0n0wall ends
> > of the tunnel and change the ipsec page to save my home IP address as a
> > static IP end of a new tunnel.
> > 
> > I save it. I "apply changes". Then I have a tunnel from home and I'm
> > connected.
> > 
> > The problem is that when I press "apply changes" to save the ipsec page,
> > the original tunnel is severed and won't come up until something like a
> > ping is issued from one end only.
> > 
> > If something like a ping or telenet session is issued from the second
> > end, it hangs until the tunnel is brought up from the first end.
> > 
> > Any help would be appreciated. m0n0wall is appreciated.
> > 
> > Joe