From owner-freebsd-questions Thu Feb 6 7:48:52 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6503237B401 for ; Thu, 6 Feb 2003 07:48:51 -0800 (PST) Received: from pa-plum1b-166.pit.adelphia.net (pa-plum1b-166.pit.adelphia.net [24.53.161.166]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9690F43F93 for ; Thu, 6 Feb 2003 07:48:50 -0800 (PST) (envelope-from wmoran@potentialtech.com) Received: from potentialtech.com (working [172.16.0.95]) by pa-plum1b-166.pit.adelphia.net (8.12.3/8.12.3) with ESMTP id h16FoDT5073968; Thu, 6 Feb 2003 10:50:15 -0500 (EST) (envelope-from wmoran@potentialtech.com) Message-ID: <3E4283B1.3040702@potentialtech.com> Date: Thu, 06 Feb 2003 10:48:01 -0500 From: Bill Moran User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.1) Gecko/20021127 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Wire James Cc: freebsd-questions@freebsd.org Subject: Re: VPN tunnels References: <20030206054154.39610C498E@lists.eahd.or.ug> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG [Could you wrap your lines please, you'll get better response] Wire James wrote: > Hello > > I installed a VPN connecting 3 sites together using IPSEC and Racoon on Free BSD. Each site > has a FBSD gateway with a LAN. The sites are interconnected with Frame relay links. However > occasionally these links go down, thereby cutting the connections and so the tunnels become > inactive. > > The problem am facing is that whenever the links come back up, racoon does not auto negotiate > to reactivate the tunnels what could I be doing wron ? I always have to restart racoon manually. > > Whats the way forward for me ? Or is it the normal behaviour of FBSD ? I don't know if the behaviour is normal or not. But there's a port somewhere that I used a few years ago to solve a similar problem. I looked, but I can't remember the name, and now I can't find it (I'm hoping someone will read this message and know what I'm talking about, thus providing the answer). Anyway, this port was a simple program that ran as a daemon and monitored network status, when it saw an interface go down, or a host disappear (all configurable) it would run a script of your choosing. It would then run a different script when the host became available again. We used it for a similar situation (wireless LAN would drop frequently) and it worked wonderfully. Hope you can find it, or someone knows the port I'm talking about. -- Bill Moran Potential Technologies http://www.potentialtech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message