[Swan] How to configure LibreSwan to auto-restart IPSec-tunnel when it go down?
Paul Wouters
paul at nohats.ca
Fri Mar 15 12:27:14 UTC 2019
Auto=omdemand or auto=start but leaves keyingtries to 0 (infinite)
Sent from mobile device
> On Mar 15, 2019, at 09:52, yuryb <yuryb at ukr.net> wrote:
>
> Good for you!
> I configured L2TP/IPSec tunnel, which should work around the clock. But, when I come to work in the morning, I find that the tunnel is disconnected. At the same time, if I run the command "ipsec auto --up myvpn", the connection restores.
> How to automate reconnection using LibreSwan?
>
> My configuration:
> config setup
> virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10
> protostack=netkey
> conn myvpn
> ikev2=never
> type=transport
> authby=secret
> pfs=no
> ike=aes128-sha1-modp1024
> esp=aes128-sha1
> left=%defaultroute
> leftprotoport=17/1701
> right=195.149.70.70
> rightprotoport=17/1701
> auto=ondemand
> keyingtries=3
> dpddelay=30
> dpdtimeout=120
> dpdaction=clear
> rekey=yes
> ikelifetime=8h
> keylife=1h
>
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
More information about the Swan
mailing list