> I am using 2 m0n0walls behind 2 dyn IPs (WAN). I am using DynDNS on both
> systems. Both systems receive a new IP every ~24h. (DynDNS default TTL
> of CNAME is 60s)
> I configured an IPsec tunnel on both systems, running fine. But after IP
> change, the tunnel is dead. My IPsec config has a DPD of 60s (default).
> When I restart racoon (disable/enable IPsec), the tunnel is up again.
> I am expecting m0n0wall should detect the dead peer and restart the
> Am I wrong? Or what does DPD (Dead Peer Detection) stand for?
I am coming back to this issue to report that it is suddenly gone; I have no
clue why it now works as expected. The tunnel has now been running for 48 hours
and I also checked the DynDNS updates: both IPs changed within the last 36
Everything works just fine.
The only thing I changed is that I now use "my IP address" as the "Identifier" in Phase 1
instead of "User FQDN" (the DynDNS DNS entry of the local node).
racoon: INFO: DPD: remote ... seems to be dead.
racoon: INFO: purging ISAKMP ...
racoon: INFO: purged ...
racoon: INFO: ISAKMP-SA deleted
racoon: INFO: IPsec-SA expired:
racoon: INFO: IPsec-SA request for ...
Hope this helps...
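
The recovery sequence in the racoon log above can be checked automatically. This is an added example, not part of the original post: it pairs each "DPD: remote ... seems to be dead" line with the next "IPsec-SA request for" line and flags episodes where no renegotiation follows. The syslog timestamp prefix, the `max_wait` threshold, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime

# Message texts taken from the racoon log lines quoted in the post above.
DPD_DEAD = re.compile(r"racoon: INFO: DPD: remote .* seems to be dead")
SA_REQUEST = re.compile(r"racoon: INFO: IPsec-SA request for")

# Constructed sample input: timestamps, hostname and addresses are made up.
SAMPLE_LOG = """\
Jan 10 03:00:05 fw racoon: INFO: DPD: remote 192.0.2.10 seems to be dead.
Jan 10 03:00:05 fw racoon: INFO: purging ISAKMP-SA
Jan 10 03:00:06 fw racoon: INFO: ISAKMP-SA deleted
Jan 10 03:00:07 fw racoon: INFO: IPsec-SA request for 192.0.2.10
Jan 11 03:10:00 fw racoon: INFO: DPD: remote 198.51.100.20 seems to be dead.
Jan 11 03:10:01 fw racoon: INFO: ISAKMP-SA deleted
"""

STAMP = "%b %d %H:%M:%S"  # assumed classic syslog prefix (no year)


def _timestamp(line):
    """Parse the 15-character syslog timestamp at the start of a line."""
    return datetime.strptime(line[:15], STAMP)


def dpd_episodes(lines, max_wait=120):
    """Return (dead_time, seconds_until_sa_request, recovered) per DPD event.

    An episode counts as recovered when a new IPsec-SA request is logged
    within max_wait seconds of the peer being declared dead. An episode
    with no later request is reported with a delay of None.
    """
    episodes = []
    pending = None  # time of the earliest unanswered "seems to be dead"
    for line in lines:
        if DPD_DEAD.search(line):
            if pending is None:
                pending = _timestamp(line)
        elif SA_REQUEST.search(line) and pending is not None:
            delay = int((_timestamp(line) - pending).total_seconds())
            episodes.append((pending.strftime(STAMP), delay, delay <= max_wait))
            pending = None
    if pending is not None:
        episodes.append((pending.strftime(STAMP), None, False))
    return episodes


if __name__ == "__main__":
    for when, delay, ok in dpd_episodes(SAMPLE_LOG.splitlines()):
        state = "renegotiated" if ok else "NO renegotiation, tunnel may be stuck"
        print(f"{when}: peer declared dead, delay={delay}s, {state}")
```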