[ previous ] [ next ] [ threads ]
 From:  Paul Rae <paul at impacttrainingsolutions dot co dot uk>
 To:  m0n0wall - <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] IPsec problems with 1.3b15
 Date:  Fri, 14 Nov 2008 00:06:52 +0000
I had a very similar problem to this, and spent weeks troubleshooting this
and really couldn't find any reason for it. Mine was slightly different in
that sometimes it just refused to restore the tunnel.

As odd as it sounds, I think it may be due to the upgrade / old config file.

If I used the config file which worked perfectly on the old version, it
would cause problems on the newer version. No matter if I upgraded or
upgraded and then restored the config file. Even if I formatted the card,
did a fresh install and then restored the config I still had the same

However, if I did a format and fresh install and then manually recreated the
tunnel everything worked fine...

I have no idea why this was, but I tested it countless times and in every
situation the only way to get it to work was to recreate the config file.

May be worth a shot....

On 13/11/2008 23:59, "Andreas Grote" <andreas dot grote at kuka dot se> wrote:

> Hi list,
> I'm experiencing some troubles with a site-to-site IPsec connection using
> m0n0 on my side and a CISCO unit on the end side. After some time, a couple
> of ours, the connection gets broken and I have to disable/enable IPsec to
> get it running again. I have recently upgraded from 1.23b1 to 1.3b15 and
> that's when this problem occurred. I've made an upgrade once before to 1.3b5
> but that one I had to downgrade to 1.23b1 again due to the same problems I'm
> having now. I've marked the "Allow fragmented IPsec packets" check box and
> I'm using main, 3DES and SHA1. It's not so easy to find something in the log
> as you don't really know when the error occurs.
> Anyone having any ideas what to look for?
> Chears
> Andy