[Swan] How to configure LibreSwan to auto-restart IPSec-tunnel when it go down?
yuryb
yuryb at ukr.net
Mon Mar 18 08:09:11 UTC 2019
On your advice, I set the "keyingtrays = 0" option on Friday and restarted LibreSwan. But this morning I discovered that L2TP-connection is disabled again. I executed the command "ipsec auto --up myvpn" and the connection was restored. That is, the problem remains. What else can be done to solve the problem?
Auto=omdemand or auto=start but leaves keyingtries to 0 (infinite)
Sent from mobile device
> On Mar 15, 2019, at 09:52, yuryb <yuryb at ukr.net> wrote:
>
> Good for you!
> I configured L2TP/IPSec tunnel, which should work around the clock. But, when I come to work in the morning, I find that the tunnel is disconnected. At the same time, if I run the command "ipsec auto --up myvpn", the connection restores.
> How to automate reconnection using LibreSwan?
>
> My configuration:
> config setup
> virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10
> protostack=netkey
> conn myvpn
> ikev2=never
> type=transport
> authby=secret
> pfs=no
> ike=aes128-sha1-modp1024
> esp=aes128-sha1
> left=%defaultroute
> leftprotoport=17/1701
> right=195.149.70.70
> rightprotoport=17/1701
> auto=ondemand
> keyingtries=3
> dpddelay=30
> dpdtimeout=120
> dpdaction=clear
> rekey=yes
> ikelifetime=8h
> keylife=1h
>
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20190318/e16eb2a8/attachment.html>
More information about the Swan
mailing list