What are your MTU settings set to ?? I was also having this prob and
found that I had to use an MTU of 1404 ... 1492 is ok for normal
internet traffic, but the extra overhead of vpn packets was pushing the
packets over 1500 bytes, fragmenting and breaking vpn ... set to 1404 it
all works ok !
Also check your SA lifetimes are set to the same, suggest something like
Hope this helps a little
From: Christopher M. Iarocci [mailto:iarocci at eastendsc dot com]
Sent: Wednesday, 13 October 2004 9:36 PM
To: m0n0wall mailing list
Subject: [m0n0wall] VPN broken in current beta
Not sure if this has been mentioned, but here goes just in case.
I have m0n0 connected to a Cisco router and 2 Netopia routers via
IPSec. Since the last beta release I've been having the problem of the
VPN getting disconnected (for whatever reason, could be timeout, could
be internet issues), and then never reconnecting unless I reboot the
m0n0wall, or go into the VPN settings and click "Save". It then quickly
reconnects without issue, until it disconnects again. With version 1.1
and even the previous beta to 1.2b1 I did not have this problem.
Nothing has been changed on the other ends for a LONG time. Just
thought I'd mention this. Can supply logs if you want, although they
don't say much because m0n0 seems to think it's still connected and
never even tries to reconnect.
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
Dore Achievement Centres (Pty) Ltd - Hotline: 1300 55 77 11
This e-mail message may contain confidential or privileged information
and is intended solely for the individual to whom it is addressed. If you
are not the named addressee you should not disseminate, distribute or
copy this e-mail. If you have received it in error please notify us
immediately by telephoning 1300 55 77 11 and destroy this e-mail and
any attachments. E-mail transmission cannot be guaranteed to be
secure or error-free as information could be intercepted, corrupted, lost,
destroyed, arrive late or incomplete, or contain viruses. The sender
therefore does not accept liability for any errors or omissions in the
contents of this message, which arise as a result of e-mail transmission.
The content of this email is not necessarily that of the Dore Acievement
Centres unless otherwise specified. This email was scanned for possible
viruses and was sent on 14/10/2004 by barry dot mather at dorecentres dot com dot au to m0n0wall at lists dot m0n0 dot ch