
Thread: IPSec Road Warriors




Germany
2007-07-03 09:30:19
Hi,

we are running an OpenBSD 4.0 Firewall/VPN Cluster (CARP).
One of my colleagues connects with a DrayTek 2700 Router to the Internet,
and this router is establishing an IPSec-Tunnel to our Firewall-Cluster.
The Tunnel is stable, besides the 24-Hour disconnect. The IP of the DrayTek
changes, and the Tunnel isn't set up again.

my ipsec.conf:

--snip--
ike dynamic esp from 10.0.0.0/24 to 10.1.1.0/24 local <myip> peer myhost.ath.cx \
         main auth hmac-sha1 enc 3des group modp1024 \
         quick auth hmac-sha1 enc aes \
         srcid myID dstid hisID \
         psk abcdefg
--snap--

the manual-page says "dynamic for roadwarriors".
the error message on my vpn-endpoint is:

--snip--
Jul  3 09:09:25 bonnie isakmpd[24104]: dropped message from 84.186.179.171 port 500 due to notification type NO_PROPOSAL_CHOSEN
--snap--

after flushing and reloading the /etc/ipsec.conf, the connection is
established.

any ideas what I can do?

Thx!



Kind regards

Georg Buschbeck
Information Technology

THOMAS DAILY GmbH
Adlerstraße 19
79098 Freiburg
Germany
T  + 49 761 3 85 59 170
F  + 49 761 3 85 59 550
E  georg.buschbeckthomas-daily.de
www.thomas-daily.de

Managing Directors:
Wendy Thomas, Susanne Larbig
Commercial Register Freiburg i.Br., HRB 3947





