News: This forum is now permanently frozen.
Pages: [1]
Topic: IPSec tunnel doesn't stay up when one M0n0wall is rebooted  (Read 1922 times)
« on: March 11, 2010, 15:05:55 »
wizard_oz *
Posts: 7

We've been running the beta for a while, and recently updated to the 1.31 release. We have two firewalls (both running 1.31 now) that have an IPSec tunnel configured.

As long as the firewalls are up and running, the tunnel stays up, it's very reliable, and there are no problems.

The problem that we're having however, is that as soon as we reboot one of them, the tunnel won't come up automatically again. In our case, we have one firewall in our head office, and one in a remote office.

Yesterday, we had to reboot the firewall in our main office, after which the tunnel was down. I tried to disable/re-enable the tunnel in our main office, but without success (I did hit apply between making changes).

Once I got to the remote office, doing the same thing (disable/enable tunnel) immediately solved the problem.

Does anybody have an idea how this can be fixed? If it's a bug, then we'd be more than happy to send logs, try out things etc.. It's just been going on for a long time, and we'd really need to figure out how to solve this.


Thanks!
« Reply #1 on: March 11, 2010, 20:16:12 »
rpsmith ***
Posts: 113

running a constant ping from each end to the opposite end's LAN IP seems to help but you might want to try pfsense and openvpn site to site.  I switched one of my customers over to that several months ago and the tunnel has been rock solid.

Note: you can also PPTP to the remote m0n0wall and kick start it that way.

Roy...
« Last Edit: March 11, 2010, 20:20:57 by rpsmith »
« Reply #2 on: March 25, 2010, 07:42:52 »
knightmb ****
Posts: 341

We've been running the beta for a while, and recently updated to the 1.31 release. We have two firewalls (both running 1.31 now) that have an IPSec tunnel configured.

As long as the firewalls are up and running, the tunnel stays up, it's very reliable, and there are no problems.

The problem that we're having however, is that as soon as we reboot one of them, the tunnel won't come up automatically again. In our case, we have one firewall in our head office, and one in a remote office.

Yesterday, we had to reboot the firewall in our main office, after which the tunnel was down. I tried to disable/re-enable the tunnel in our main office, but without success (I did hit apply between making changes).

Once I got to the remote office, doing the same thing (disable/enable tunnel) immediately solved the problem.

Does anybody have an idea how this can be fixed? If it's a bug, then we'd be more than happy to send logs, try out things etc.. It's just been going on for a long time, and we'd really need to figure out how to solve this.


Thanks!

Truthfully, I reboot my IPsec linked m0n0wall machines all the time and never seen any issues where they didn't reconnect right away.  Both sites have static IP or DNS names?

Radius Service for m0n0wall Captive Portal - http://amaranthinetech.com
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines