Excellent clue!
On 02/24/2015 08:15 AM, Brian Candler wrote:
However based on Nagios logs, after the tunnel has been up for pretty
much exactly one hour, it drops out again. This would coincide with
the P2 SA expiring and being re-negotiated.
It would be *really* helpful if the debug message "generating
QUICK_MODE request" included the P2 parameters being requested, in the
same way the CHILD_SA message does ("TS 10.19.0.0/16|/0 ===
10.26.0.0/16|/0"), as according to the Cisco, it's asking for the
wrong ones.
Regards,
Brian.
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
