[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] VPN with FW-1 & FreeS/Wan
We've noticed that the FreeS/WAN tunnels will be shut down when I install a new policy on the FW. The admin on the FreeS/WAN side is investigating this further. It must be possible to get it to auto-create the tunnels whenever one dies... How did you configure the bounce of FreeS/WAN ? The logs on FW-1 doesn't tell you much with regards to the VPN connections, but the FreeS/WAN side is a lot better... if you know how to interpret it.. I've already had a look on frees/wan mailing list archive, but I couldn't find anything similar to what we experience. Maybe I was searching with the wrong words but... -----Original Message----- From: Peter Lukas [mailto:[email protected]] Sent: Friday, January 12, 2001 1:54 PM To: Thomas Nilsen Cc: [email protected] Subject: Re: [FW1] VPN with FW-1 & FreeS/Wan I noticed something similar where VPN connectivity would die whenever a policy was installed. The only resolution there was to bounce FreeS/WAN and retry the connection. Take a look at both logging mechanisms (the FreeS/WAN logs may be more useful). You will also find a wealth of information on the FreeS/WAN mailing list: http://www.nexial.com/cgi-bin/lipsec -peter On Fri, 12 Jan 2001, Thomas Nilsen wrote: > > A client of us has been trying to set up a VPN with us using FreeS/WAN 1.5 > on a Linux box. We used Fw-1/VPN v4.1 SP2. > > The VPN connection works fine, with just one rather annoying problem. We are > only able to connect to the intended host on the client side once every X > minutes, where X is the settings of IKE Security Association under > Properties -> Encryption. > > Connections from the client to a host on our side works as expected. > > Anyone got any experience with this, or any ideas on how to solve this > issue? > > Regards, Thomas Nilsen > Kverneland IT AS > Global Services > Tel: +44 1380 722361 Ext 201 - Mob: +44 (0)> > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|