Re: [m0n0wall] Re: ipsec vpn starts one-way

From:	Joe <j dot commisso at verizon dot net>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Re: ipsec vpn starts one-way
Date:	Sat, 19 Apr 2008 21:08:52 -0400
The nic is doing the best it can.
It is a 10Mbps nic. Then it goes to a 10/100 switch and then to each
client.

The problem is that the tunnel doesn't open up when initiating a
connection from the right end. Only the left end can start the tunnel,
it seems. After that, everything is fine.

If the collisions aren't necessarily a big deal, that's a relief.

Thanks,
Joe


On Sat, 2008-04-19 at 18:04 +0100, Neil A. Hillard wrote:
> Hi,
> 
> In message <1208623570 dot 3212 dot 14 dot camel at laptop dot localdomain>, Joe
> <j dot commisso at verizon dot net> writes
> >
> >I just noticed that the site on the right has 22045 LAN collisions while
> >the site on the left has 0.
> >
> >The site on the right also has an older LAN NIC and is at "10baseT/UTP
> ><half-duplex>". I think the LAN NIC is a 3com.
> 
> That in itself doesn't necessarily mean anything's wrong.  It may be
> connected to a hub or a switch port that's been set to 10Mbps half
> duplex.
> 
> If it's connected to a switch and there's a duplex mismatch then it's a
> different matter and you may have to force it to full duplex in the
> config.
> 
> HTH,
> 
> 
>                                 Neil.
> 
> >On Sat, 2008-04-19 at 12:11 -0400, Joe wrote:
> >> As an added note on this, I don't know if I made myself too clear.
> >> Being that the tunnel only forms when pinging from the left, this is a
> >> big problem for us, since I can't do it during working hours because
> >> users (on the right) sessions get severed.
> >>
> >> Our business structure has sessions initiating on the right end, but
> >> m0n0wall only builds the tunnel when pinging from the left.
> >> After that, everything seems fine.
> >>
> >> I don't know what added info to include on this issue, but will be glad
> >> to provide it if needed.
> >>
> >> Thanks,
> >> Joe
> >>
> >>
> >>
> >> On Fri, 2008-04-18 at 21:57 -0400, Joe wrote:
> >> > Hi,
> >> >
> >> > I have an ipsec 1.3b10 - 1.3b11 tunnel running between two static IP
> >> > addresses.
> >> >
> >> > I also have a m0n0wall server at home where I have a non-static DSL
> >> > modem.
> >> >
> >> > When I power up my home systems, I check the home IP address of my
> >> > m0n0wall server here. Then I log into one of the static IP m0n0wall ends
> >> > of the tunnel and change the ipsec page to save my home IP address as a
> >> > static IP end of a new tunnel.
> >> >
> >> > I save it. I "apply changes". Then I have a tunnel from home and I'm
> >> > connected.
> >> >
> >> > The problem is that when I press "apply changes" to save the ipsec page,
> >> > the original tunnel is severed and won't come up until something like a
> >> > ping is issued from one end only.
> >> >
> >> > If something like a ping or telenet session is issued from the second
> >> > end, it hangs until the tunnel is brought up from the first end.
> >> >
> >> > Any help would be appreciated. m0n0wall is appreciated.
> >> >
> >> > Joe
> >
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> >For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
>