I set up a cron job that pings the internal ip of the router on the other side of the VPN every 120 seconds and the link has not come down as yet. Perhaps this is a work around...
This is my cron job set to execute on boot : ping 192.168.100.1 -i 120 Hope this will solve the problems for all who are struggling to solve the vpn problem with pfsense. Anil garg <[EMAIL PROTECTED]> wrote: Chris/Scott The only reason we purchased a RV016 on the other end was because we have three DSL on load balancing and I could not figure out how to put 3 DSL, one DMZ, and Lan on one box, even though PC has 4 Intel pro cards plus one built on the motherboard. Someday someone will write a recipe for non-geeks like us. Coming to tunnel problem, we matched every parameter uniformly on both sides and it works fine usually. Except when there is some idle time and then the VPN link drops. If I just click save without making any change the VPN starts to function again without making any changes to Linksys at all. I tried to move to 1.2 Beta 1 and it looked great but I faced problem with my wife unable to connect to pptp to her work using gre and we also faced some instability with calling in to connect to pptp from outside which works flawlessly on the current PFSENSE 1.01 So we were hesitant to move to 1.2B1 to fix one time (which only time will tell) but break pptp pass through which is working like a charm. I don not remember what build it was. If you recommend we can try and migrate again. Best Anil Garg Scott Ullrich <[EMAIL PROTECTED]> wrote: It should also be noted that we where shipping a "invalid" racoon recently with NAT-T enabled in racoon but not in the kernel. Somehow along the way NATT was changed to "enabled" and our BATCH port building system picked this up. Basically what I am trying to say is make sure all endpoints are on the same version. Preferably 1.2-BETA-1. Scott On 7/2/07, Chris Buechler wrote: > Anil garg wrote: > > Guys this is a problem in 1.01 release and not sure if it is fixed in > > 1.2 beta. > > A lot has changed between 1.0 and 1.2, so it's hard to say if 1.0 had > some IPsec issues, but 99% of IPsec issues reported are user error, > including seemingly all the "tunnels drop all the time" stuff that > constantly comes up. That's what happens when you screw up lifetimes, > have some non-pfsense/m0n0wall box on the other side that's buggy, or > have any number of other settings mismatched. It's possible you have > things configured completely correctly, and racoon has some sort of > issue with that device for whatever reason, but I've yet to see anybody > actually prove that's the case. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]