Remove the custom --ping-restart command. On 10/11/06, Captain Bablam <[EMAIL PROTECTED]> wrote:
Good morning Rob, No I am running this over TCP, I can lower the ping time and see if that makes a difference.Wade B On 10/11/06, Rob Terhaar <[EMAIL PROTECTED]> wrote: > On 10/10/06, Captain Bablam <[EMAIL PROTECTED]> wrote: > > Good afternoon all, > > I am seeing two strange behaviours since upgrading to RC3; > > > > 1. FW rules will not apply without a restart of the firewall. I have > > never seen this on the platform. I can actually see (denies in this > > case) entries in the log for the rule(s) that were removed. My > > rulebase is stable now (after a reboot) what information can I send > > the group when I see this again? Also has anyone else experienced > > this? > > > > 2. Openvpn is restarting, from the server side and client side logs it > > looks like the issue is server side. The error message on the client > > side is; > > "Tue Oct 10 11:50:01 2006 [host.domain.com] Inactivity timeout > > (--ping-restart), restarting" > > > > Server side error is; > > "openvpn[357]: username/pub.ip.add.ress:15470 Connection reset, restarting [0] > > > > I have had the tunnel drop and re-establish 9 times since about 8:30 > > this morning. I have seen it stay up for as long as an hour and also > > less than 10 min. > > > > -W > > Are you using UDP for your openvpn tunnel? > Try switching to TCP and try lowering your keep-alive pingtime. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- "Integrity is more important than perception management" "There are two kinds of pain, the pain of change and the pain of never changing" --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
