[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec-tools-devel
Subject:    Re: [Ipsec-tools-devel] reconnecting after ISAKMP-SA deleted
From:       Matthew Grooms <mgrooms () shrew ! net>
Date:       2008-06-03 16:01:13
Message-ID: 48456AC9.1030408 () shrew ! net
[Download RAW message or body]

Karl Hiramoto wrote:
> Hi,
> 
> 
> I have   LAN1 <--> GW1  <---> GW2 <--> LAN2.
> 
> 
> Everything works fine when startup racoon on Both GW1 and GW2.
> 
> If i restart GW2,  then  GW1 racoon  has the messages:
> 
> 2008-06-03 15:02:56: INFO: isakmp.c:3089:purge_remote(): purging 
> ISAKMP-SA spi=5eb0062f189a248c:0e5fd9f9dc3deb55.
> 2008-06-03 15:02:56: DEBUG: pfkey.c:300:pfkey_dump_sadb(): call 
> pfkey_send_dump
> 2008-06-03 15:02:56: INFO: isakmp.c:3214:purge_remote(): purged 
> ISAKMP-SA spi=5eb0062f189a248c:0e5fd9f9dc3deb55.
> 2008-06-03 15:02:56: DEBUG: isakmp_inf.c:1410:isakmp_info_recv_d(): 
> purged SAs.
> 2008-06-03 15:02:57: INFO: isakmp.c:1925:isakmp_ph1delete(): ISAKMP-SA 
> deleted 192.168.10.54[500]-192.168.10.232[500] 
> spi:5eb0062f189a248c:0e5fd9f9dc3deb55
> 
> 
> pinging from LAN1 to LAN2  will *not* restart the tunnel.    pinging 
> from LAN2 to LAN1 will restart the tunnel because GW2 initiates the 
> connection.
> 

Have a look at the DPD options.

-Matthew

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Ipsec-tools-devel mailing list
Ipsec-tools-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel
[prev in list] [next in list] [prev in thread] [next in thread]