isakmpd out-of-spec informational ike messages

2008-03-07 Thread Sven Ulland
I have a connection between openbsd 4.0 (yes, a bit out of date) and a checkpoint vpn-1 r55. Once or twice a month the tunnel stops working, and when it happened today I had the isakmpd.pcap running. I have to manually restart the tunnel using 'echo t' or 'echo c' into the fifo to get it up a

isakmpd active mode and phase 1 build-up

2007-08-02 Thread Sven Ulland
I am running OpenBSD 4.0 on amd64, and I'm seeing that isakmpd builds up a large amount of redundant phase 1 tunnels for one of our peers. It will only report these when prompted with 'echo r > isakmpd.fifo', it's not shown in 'ipsecctl -s all'. This is causing one of our peer VPN endpoints to r

Re: isakmpd active mode and phase 1 build-up

2007-08-02 Thread Sven Ulland
Hans-Joerg Hoexer wrote: Hi, On Thu, Aug 02, 2007 at 09:23:59PM +0200, Sven Ulland wrote: I am running OpenBSD 4.0 on amd64, and I'm seeing that isakmpd builds up a large amount of redundant phase 1 tunnels for one of our peers. It will only report these when prompted with

Re: isakmpd active mode and phase 1 build-up

2007-08-03 Thread Sven Ulland
Hans-Joerg Hoexer wrote: On Thu, Aug 02, 2007 at 10:23:59PM +0200, Sven Ulland wrote: I'm very (that's putting it mildly) interested in the issues with 4.0 that you mention. Would you be able to shed some more light on which issues they were, or point me to references? It wou

sasyncd and isakmpd faulty failover

2008-06-29 Thread Sven Ulland
My failover isakmpd setup doesn't fail over transparently when the master goes down. SAs and flows are properly synced using sasyncd, but when the backup node becomes master (and isakmpd is set to active mode), it fails to find any SAs and continues to renegotiate both phase 1 and 2, resulting in

Re: Experience with isakmpd/ipsec in production?

2006-10-05 Thread Sven Ulland
Sven Ingebrigt Ulland wrote: [...] Thanks to all of you who have contributed with your experiences with isakmpd/ipsec in OpenBSD. After some time now, I've seen some more of the good and bad sides of our VPN setup, and I'll share it with you. How long have you been running openbsd isakmpd/ips