[Swan] Problem with subnet-to-subnet setup behind NAT'ed networks

Jacob Vind libreswan at harm.dk
Fri Feb 12 11:44:02 UTC 2016


On 11/02/16 15:48, Matt Rogers wrote:

> You should try adding DPD settings to your config. Specifically
> dpdaction=restart which will try to renegotiate if there's an
> interruption that goes past the dpdtimeout value.
>
>

Hi Matt,

Great, thanks. Yes that seems to do it, I added this 20 hours ago and 
the link has been working since then, I can see from the logs that it 
has restarted it a few times.

I wonder why it is not mentioned in the setup examples on libreswan.org, 
but maybe it is mostly an issue if you are behind double nat setup like 
we are.

/Jacob.



More information about the Swan mailing list