Hi, On Fri, Mar 31, 2006 at 11:01:03AM +0200, Stefan Sczekalla-Waldschmidt wrote: > > Some days ago one certain vpn-tunnel started failing for an > unpredictable time of some minutes up to an hour. > ( mostly just less than 5 minutes). All other site-link-tunnels stay up > and running. > > a long-term monitoring makes me thinking that there is in any way > something happen every approx 1800 sec. > > Reviewing the ipsec.conf manpage does not show any default values of > 1800sec as far as i have noticed.
Lifetimes can not be set yet using ipsec.conf. You can do this with a rather simple isakmpd.conf: <[EMAIL PROTECTED]:22># cat /etc/isakmpd.conf [General] Default-phase-1-lifetime= 3600,1800:7200 Default-phase-2-lifetime= 600,450:720 > Whaa Isakmpd-debug-level Options should I set to get a better glue what > ist happening ? > > All other Ideas/suggestions are welcome ! please show us your configuration.
