Menu
▾
▴
[Ipsec-tools-devel] HowTo Enable Dead Peer Detection
|
From: Gordon Z. <gor...@ho...> - 2006-11-29 02:48:51
|
I'm using Transport Mode to create IPSEC connection between two hosts.
When I enabled the Dead Peer Detection, racoon debug would give me the
ERROR message "DPD support not compiled in" I have the following contents
as my racoon.conf:
timer
{
phase1 30 sec;
phase2 20 sec;
}
remote anonymous
{
exchange_mode main;
my_identifier address;
lifetime time 15 min; #sec,min,hour
proposal_check obey; #obey, strict, or claim
dpd_delay 10;
dpd_retry 5;
dpd_maxfail 5;
proposal
{
encryption_algorithm des;
hash_algorithm md5;
authentication_method pre_shared_key;
dh_group 1;
}
}
sainfo anonymous
{
lifetime time 30 min;
encryption_algorithm des; #3des
authentication_algorithm hmac_md5; #hmac_sha1;
compression_algorithm deflate;
}
Thanks in advance!
Gordon
_________________________________________________________________
免费下载 MSN Explorer: http://explorer.msn.com/lccn/
|
