Hi Everybody,

I have version 1.231 running on a 600MHz PC with 4 IPsec tunnels: two to other m0n0walls and one to a Cisco 3030 and one to a Cisco ASA. The first three tunnels have been working perfectly for about a year. The tunnel to the Cisco ASA, however, is new and is giving me the following problem:

Racoon establishes the SA and opens the tunnel to the Cisco ASA without any problems. The tunnel will remain operable, timing out and establishing new SAs without trouble. But if heavy traffic is pushed through it, after about 50 to 200 MB, the tunnel eventually closes up. Once the tunnel closes I can't get it to reopen. Attempts to ping through the tunnel are recorded in the firewall logs but there is no response from racoon. If I delete the SA for the tunnel and then ping through it, racoon responds with:

racoon: INFO: initiate new phase 2 negotiation: 172.16.6.1[0]<=>66.177.85.90[0]
racoon: ERROR: 66.179.85.90 give up to get IPsec-SA due to time up to wait.

The only way to get the tunnel working again is to disable and enable IPsec or just reboot m0n0Wall entirely.

Has anybody experienced a problem like this? Is there a system dump command that I should use to glean more detailed information when the tunnel has closed up? I have plenty of log information if anybody is interested.

Thanks for looking at this posting,
-Dave