[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openswan-users
Subject:    Re: [Openswan Users] FW: Resource temporarily unavailable auto=route
From:       "frage schnell" <frage.schnell1 () gmx ! de>
Date:       2006-11-30 13:35:58
Message-ID: 20061130133558.18700 () gmx ! net
[Download RAW message or body]


-------- Original-Nachricht --------
Datum: Wed, 29 Nov 2006 08:59:03 -0500
Von: "Peter McGill" <petermcgill@goco.net>
An: frage.schnell1@gmx.de
Betreff: FW: [Openswan Users] Resource temporarily unavailable auto=route

> Sorry, I pasted your address in the wrong email field...
> So I ended up sending this former message to the list with your return
> address...
> 
> Peter McGill
> 
> 
> > -----Original Message-----
> > From: Peter McGill [mailto:petermcgill@goco.net] On Behalf Of 
> > frage.schnell1@gmx.de
> > Sent: November 29, 2006 8:49 AM
> > To: 'users@openswan.org'
> > Subject: RE: [Openswan Users] Resource temporarily 
> > unavailable auto=route
> > 
> > > Date: Tue, 28 Nov 2006 17:39:10 +0100
> > > From: "frage schnell" <frage.schnell1@gmx.de>
> > > 
> > > I use the auto=route to bild a automatic conetion to a host
> > > If I try to use the conection first time I get Resource 
> > > temporarily unavailable on the 2. time all works fine. I use 
> > > now a ping to open the tunnel but It is not the way I like
> > > 
> > > > ping sechost
> > > connect: Resource temporarily unavailable
> > > > # ping sechost
> > > PING xxxxxx (xx.xx.xx.xx) 56(84) bytes of data.
> > > 64 bytes from xxxxxx (xx.xx.xx.xx): icmp_seq=1 ttl=64 time=67.1 ms
> > > 64 bytes from xxxxxx (xx.xx.xx.xx): icmp_seq=2 ttl=64 time=66.5 ms
> > > 
> > > conn tunnel
> > > left=%defaultroute
> > > leftsubnet=192.168.3.2/32
> > > leftnexthop=192.168.3.1
> > > leftcert=tunnel-cert.pem
> > > right=xxx.xxx.xxx.xxx
> > > rightcert=tunnel2.pem
> > > auto=route
> > > pfs=yes
> > > dpddelay=30
> > > dpdtimeout=120
> > > keylife=8m
> > > rekey=no
> > 
> > Is there a reason your using auto=route? For a connection like yours
> > Where you have static ip's on both sides, I would use auto=start.
> > Which will start the connection at pluto start. Also rekey=yes to keep
> > It up. For some reason everyone is trying auto=route lately, but start
> > Works much better for 99% of connections.
> > 
> > Peter

I have onli one static IP on the right side the second IP is dynamic
I dont like to holt the tunnel open and i like to use the connetion to diffrent \
services. It shod be bild up vor useres without root privilegs.

I use the same technik with an old freeswan an all works fine but I need to
uptdate the server and so I also need to update the ipsec
-- 
Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! 
Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer


[prev in list] [next in list] [prev in thread] [next in thread]