Date: Wed, 20 Nov 2002 16:18:26 -0500 From: Jim Durham <durham@jcdurham.com> To: Philip Hallstrom <philip@adhesivemedia.com> Cc: Bill Moran <wmoran@potentialtech.com>, <freebsd-questions@FreeBSD.ORG> Subject: Re: VPN and roaming Windows 2K users Message-ID: <200211201618.26133.durham@jcdurham.com> In-Reply-To: <20021120112335.F16116-100000@cypress.adhesivemedia.com> References: <20021120112335.F16116-100000@cypress.adhesivemedia.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 20 November 2002 02:24 pm, Philip Hallstrom wrote: > [snip] > > > > > I use racoon and IPSEC between offices with FreeBSD boxes on each > > > > end. > > > > > > Have you ever tried using vtun between the FreeBSD machines? I've > > > never used racoon/IPsec between FreeBSD machines, but I was overjoy= ed > > > at the simplicity and workability of vtun. > > > Just curious if anyone has used both that could compare them. > > > > Yes, I used vtun for about a year. It worked fine as long as the netw= ork > > stayed up between here and the West Coast, but, when it went down for > > any length of time, which happens quite regularly in the middle of th= e > > night, it wouldn't reestablish. I find that IPSEC is more robust and = you > > don't need to run PPP over it (although technically, you don't have t= o > > with vtun). IPSEC stays up and reestablishes itself. > > I've never run ipsec, but have used vtun for about 3 years b/n 4 differ= ent > DSL/cablemodem setups and it re-establishes it's connections for me... = at > least I've never had a problem with it... from the man page: > > persist yes|keep|no > persist mode. If yes, the client will try to > reconnect to the server after connection termina- > tion. If keep, the client will not remove and re- > add the tunXX or tapXX device when reconnecting. > If no, the client will exit (default). This option > is ignored by the server. > > -philip > I remember using that. The details are coming back to me now. We were getting situations where the network would go down, then come back long enough for things to start reestablishing and then go down again. After a few of these, I would get a call from the other office about.."network's down again". I could then kill both vtund's and start from scratch and all was well. It was probably some kind of a=20 race condition. (We also have a better network provider now 8-) ). -Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200211201618.26133.durham>