[ previous ] [ next ] [ threads ]
 From:  "Andreas Grote" <andreas dot grote at kuka dot se>
 To:  "'m0n0wall -'" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  SV: [m0n0wall] IPsec problems with 1.3b15
 Date:  Fri, 14 Nov 2008 01:36:15 +0100
I'll try that but I suppose it means I also have to add all my rules and the
complete settings by hand or do you mean just to delete the tunnels and add
them manually on the new version? I've got at lot of settings, thatís why I
ask ;)

-----Ursprungligt meddelande-----
Från: Paul Rae [mailto:paul at impacttrainingsolutions dot co dot uk]
Skickat: den 14 november 2008 01:07
Till: m0n0wall -
Ämne: Re: [m0n0wall] IPsec problems with 1.3b15

I had a very similar problem to this, and spent weeks troubleshooting this
and really couldn't find any reason for it. Mine was slightly different in
that sometimes it just refused to restore the tunnel.

As odd as it sounds, I think it may be due to the upgrade / old config file.

If I used the config file which worked perfectly on the old version, it
would cause problems on the newer version. No matter if I upgraded or
upgraded and then restored the config file. Even if I formatted the card,
did a fresh install and then restored the config I still had the same

However, if I did a format and fresh install and then manually recreated the
tunnel everything worked fine...

I have no idea why this was, but I tested it countless times and in every
situation the only way to get it to work was to recreate the config file.

May be worth a shot....

On 13/11/2008 23:59, "Andreas Grote" <andreas dot grote at kuka dot se> wrote:

> Hi list,
> I'm experiencing some troubles with a site-to-site IPsec connection 
> using m0n0 on my side and a CISCO unit on the end side. After some 
> time, a couple of ours, the connection gets broken and I have to 
> disable/enable IPsec to get it running again. I have recently upgraded 
> from 1.23b1 to 1.3b15 and that's when this problem occurred. I've made 
> an upgrade once before to 1.3b5 but that one I had to downgrade to 
> 1.23b1 again due to the same problems I'm having now. I've marked the 
> "Allow fragmented IPsec packets" check box and I'm using main, 3DES 
> and SHA1. It's not so easy to find something in the log as you don't
really know when the error occurs.
> Anyone having any ideas what to look for?
> Chears
> Andy

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch