[ previous ] [ next ] [ threads ]
 From:  Michael <monowall at encambio dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Cc:  Harbert <harbert at orangebox dot com dot br>, Heinz Teichmann <heinz dot teichmann at wanews dot com dot au>
 Subject:  Re: [m0n0wall] Still, IPSec VPN with Dyndns hosts
 Date:  Fri, 21 Jan 2011 20:18:22 +0100
Hello Herbert and Heinz,

On Fri., nov 12, 2010, Harbert, Orangebox Networks wrote:
>Well I have now 2 sites with DynDNS running, 1x pfSense, 1x M0n0wall,
>IPsec for remote access, also a 3rd with NO-IP (pfSense).
>In general it does not give me trouble, only sometimes directly after an
>IP change on my m0n0 side, I can't build up a connection anymore.
>When at that moment I disconnect the WAN PPPOE it connects automaticly
>again and so far 9 out of 10 times builds up the IPsec again.
>1x it didn't and what I did was "save" the IPsec tunnel again and it
>In both situations I was on the m0n0wall side, so far did not have to do
>something on the pfSense sides.
>Did you check if all parameters are on both sides exactly the same?
I have the same problem as Heinz (as do probably many others.) All
the parameters are indeed the same on both of my m0n0wall routers.
One is behind a PPoE and the other has a static IP address, so this
IPSec using DNS RFC 2136 (I think that's the one) should be working.

Probably there's a bug in the racoon version of m0n0wall. I've even
updated to 1.33b1 after reading that something relating to dynamic
IPs and IPSec had been improved (the resolv.conf I think.) Even with
1.33b1 I'm having the same problems.

Has anyone got this feature to work in the meantime?