[Swan] Problem with subnet-to-subnet setup behind NAT'ed networks

Jacob Vind libreswan at harm.dk
Fri Feb 12 11:44:02 UTC 2016

On 11/02/16 15:48, Matt Rogers wrote:

> You should try adding DPD settings to your config. Specifically
> dpdaction=restart which will try to renegotiate if there's an
> interruption that goes past the dpdtimeout value.

Hi Matt,

Great, thanks. Yes that seems to do it, I added this 20 hours ago and 
the link has been working since then, I can see from the logs that it 
has restarted it a few times.

I wonder why it is not mentioned in the setup examples on libreswan.org, 
but maybe it is mostly an issue if you are behind double nat setup like 
we are.


More information about the Swan mailing list