On Monday 24 June 2002 5:57 pm, Antony Stone wrote:

> I think it might be interesting to add a logging rule, or use tcpdump /
> ethereal etc, to look for UDP packets from source port 500 to source port
> 500, and see if these appear soon before the connection goes down ?

Obviously that was supposed to read "...look for UDP packets from source port 500 to destination port 500..."

> UDP 500 is the Internet Key Exchange (IKE) protocol, and the two end
> systems might be trying to re-key (although 10-15 minutes is a bit quick),
> and something might be blocking that ?
>
> Just a thought.
>
>
>
> Antony.
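
The check suggested above, as an added example that is not part of the original message: it reads kernel log lines produced by an iptables LOG rule and lists the UDP 500 to 500 packets seen shortly before each time the connection dropped. The log lines, addresses, drop times, the 60-second window and the year are all constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: kernel log lines as written by a rule such as
#   iptables -I FORWARD -p udp --sport 500 --dport 500 -j LOG --log-prefix "IKE: "
# (equivalent capture filter: tcpdump -n 'udp and src port 500 and dst port 500')
SAMPLE_LOG = """\
Jun 24 17:30:05 gw kernel: IKE: IN=eth0 OUT=eth1 SRC=192.0.2.10 DST=198.51.100.20 LEN=120 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=100
Jun 24 17:34:10 gw kernel: IN=eth0 OUT=eth1 SRC=192.0.2.10 DST=198.51.100.20 LEN=76 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=56
Jun 24 17:41:48 gw kernel: IKE: IN=eth0 OUT=eth1 SRC=192.0.2.10 DST=198.51.100.20 LEN=120 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=100
Jun 24 17:41:58 gw kernel: IKE: IN=eth1 OUT=eth0 SRC=198.51.100.20 DST=192.0.2.10 LEN=120 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=100
"""

# Constructed times at which the connection was observed to go down.
DROPS = ["Jun 24 17:42:00", "Jun 24 17:55:30"]

FIELD = re.compile(r"\b(SRC|DST|PROTO|SPT|DPT)=(\S+)")


def parse_ts(text, year=2002):
    # Syslog timestamps carry no year; the year used here is an assumption.
    return datetime.strptime(f"{year} {text}", "%Y %b %d %H:%M:%S")


def ike_packets(log_text):
    """Yield (timestamp, src, dst) for UDP packets from port 500 to port 500."""
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        if (f.get("PROTO"), f.get("SPT"), f.get("DPT")) == ("UDP", "500", "500"):
            yield parse_ts(line[:15]), f["SRC"], f["DST"]


def ike_before_drops(log_text, drops, window_s=60):
    """Map each drop time to the IKE packets seen within window_s before it."""
    pkts = list(ike_packets(log_text))
    window = timedelta(seconds=window_s)
    result = {}
    for d in drops:
        t = parse_ts(d)
        result[d] = [(str(ts.time()), src, dst) for ts, src, dst in pkts
                     if timedelta(0) <= t - ts <= window]
    return result


if __name__ == "__main__":
    for drop, pkts in ike_before_drops(SAMPLE_LOG, DROPS).items():
        print(drop, "->", pkts or "no IKE traffic in window")
```

IKE packets appearing in only one direction before a drop would be consistent with something blocking the exchange.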
