From: Marcus L. <ml...@no...> - 2005-08-26 21:03:12
|
I've narrowed down my troubles somewhat. It seems that the ipsec-tools IKE implementation does *something* that causes my DLINK DI-624 to "run home to momma"--or at least, to "lose state" on its PPPOE connection, which I have to manually re-start. The very first IKE message sent from my system, towards the DI-624, and ultimately to the roadwarrior gateway cases the DI-624 to lose its marbles. My Contivity client, behind the same DI-624, doesn't have this problem. Although, I do get random "loss of state" on the DI-624 PPPOE connection from time to time, this is the first clear correlation that the loss-of-state correlates to anything. Anyone else with a DI-624 who is also using ipsec-tools? -- Marcus Leech Mail: Dept 1A12, M/S: 04352P16 Security Standards Advisor Phone: (ESN) 393-9145 +1 613 763 9145 Advanced Technology Research Nortel Networks ml...@no... |
From: VANHULLEBUS Y. <va...@fr...> - 2005-08-28 11:14:33
|
On Fri, Aug 26, 2005 at 05:02:57PM -0400, Marcus Leech wrote: > I've narrowed down my troubles somewhat. It seems that the ipsec-tools > IKE implementation does *something* that causes my DLINK DI-624 to > "run home to momma"--or at least, to "lose state" on its PPPOE connection, > which I have to manually re-start. The very first IKE message sent from > my system, towards the DI-624, and ultimately to the roadwarrior gateway > cases the DI-624 to lose its marbles. > > My Contivity client, behind the same DI-624, doesn't have this problem. > Although, I do get random "loss of state" on the DI-624 PPPOE connection > from time to time, this is the first clear correlation that the loss-of-state > correlates to anything. > > Anyone else with a DI-624 who is also using ipsec-tools? Nop... But did you check if you have some kind of MTU related issue (to be checked if you are using a PPPoE connection) ? And did you try to do a pcap capture of the problematic packet ? Yvan. |