[ previous ] [ next ] [ threads ]
 From:  Heinz Teichmann <heinz dot teichmann at wanews dot com dot au>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Still, IPSec VPN with Dyndns hosts
 Date:  Fri, 28 Jan 2011 08:55:19 +0800
On Fri., Jan 21, 2011, Michael wrote:
>>Probably there's a bug in the racoon version of m0n0wall. I've even
>>updated to 1.33b1 after reading that something relating to dynamic
>>IPs and IPSec had been improved (the resolv.conf I think.) Even with
>>1.33b1 I'm having the same problems.
>I just adjusted the configuration which seems to help in my case.
>Since the adjustment, all three m0n0wall routers are indeed able
>to exchange traffic through their VPN tunnels even after one of
>the three IP addresses change.
>The change in the configuration was in the menu Firewall/NAT. If
>you choose 'Enable advanced outbound NAT' in the Outbound tab,
>then make sure to deselect 'Disable port mapping' in the entries.
>When I made this change my VPNs started working (I think.)

I can't confirm this. In my case "Disable port mapping" is always checked because of SIP.
Everywhere in the web interface you see the new address of the other party, but the racoon logs say
that it is trying to establish a connection to the old IP address.
The biggest trial was 3 sites with version 1.32 and all 3 behave the same way.


West Australian Newspapers Group
Privacy and Confidentiality Notice

The information contained herein and any attachments are intended solely for the named recipients.
It may contain privileged confidential information.  If you are not an intended recipient, please
delete the message and any attachments then notify the sender. Any use or disclosure of the contents
of either is unauthorised and may be unlawful. Any liability for viruses is excluded to the fullest
extent permitted by law.

Advertising Terms & Conditions
Please refer to the current rate card for advertising terms and conditions.  The rate card is
available on request or via www.thewest.com.au/ratecard

If you do not wish to receive emails such as this in future please reply to it with "unsubscribe" in
the subject line.