Clay, Follow up in detail on the vpnc mailing list, but a quick overview is:
vpnc does not handle a function utilized within the concentrator called rekeying. The timing on this depends on a number of factors, and as I understand will require a complete re-write on the vpnc code base. I have written some wrapper scripts that basically do the following: 1. ping (or do an ssh-keyscan for those sites that do not allow icmp). 2. if the ping or ssh-keyscan result is negative, rebuild the tunnel. I run this script via cron every few minutes. My experience is that I timeout every 8 hours on the dot. I understand the newest patches for vpnc last 23 hours. Ron On Friday 01 September 2006 10:41, [EMAIL PROTECTED] wrote: > ----- Forwarded message from David Clayton Jordan <[EMAIL PROTECTED]> > ----- > > > > Wondered if anyone here has any good info on vpnc and how to extent the > connection time? > > > -Clay > ----- Forwarded message from David Clayton Jordan <[EMAIL PROTECTED]> > ----- > > Mine seems to drop every 4 hours or somewhere in that range... also it > seems to drop sooner if youre inactive for a period of time... > > if anyone knows how to fix this, Id be interested to know as well, but Ive > just dealt with it so far. > > -Clay > > On Fri, Sep 01, 2006 at 03:30:29PM +0100, Alun Evans wrote: > > This one: > > http://www.unix-ag.uni-kl.de/~massar/vpnc/ > > > > Not the vpnclient. > > > > On the web page it says: > > o rekeying is not supported (default rekey-intervall is 8 hours) > > > > though it seems to drop out much more often than that. > > > > Is there something mystical I can do to extend the time it maintains the > > connection...? > > > > > > A. > > > > -- > > Alun Evans > > IOS Software Engineer, cisco Systems. > > http://www.cisco.com/go/ipv6/ > > -- > +------------------------------------------------------+ > > | Clay Jordan | | | > | Tacsuns Team ||| ||| | > | RTP, North Carolina .|||||. .|||||. | > | Phone 919-392-0597 .:|||||||||:.:|||||||||:. | > | e-mail [EMAIL PROTECTED] C i s c o S y s t e m s | > > +------------------------------------------------------+ > > > > ----- End forwarded message ----- > > -- > +---------------------------------+ > > | Clay Jordan | > | > | e-mail [EMAIL PROTECTED] | > | http://www.crazyclay.org | > | http://www.gentoo.org | > > +---------------------------------+ -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
