LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 08-29-2006, 01:34 PM   #1
spiffytech
Member
 
Registered: Dec 2005
Location: NC, USA
Distribution: (K)ubuntu
Posts: 139

Rep: Reputation: 15
VPNC seems to timeout quickly- how do I lengthen the timeout?


I am running VPNC on (K)Ubuntu Dapper Drake, and my VPN connection seems to be timing out at an intolerably quick speed. If it goes unused for more than a few minutes, I have to kill VPNC and run it again. The only way around this is to do a ping to a computer that's behind the VPN, to keep the connection open.

Is there a way to extend the idle timeout for VPNC? Our Cisco router is set to time out at ten hours. Can I make VPNC just follow that?
 
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 08-29-2006, 01:43 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966
if you read the vpnc manpage there is a --nat-keepalive option to do this
 
Old 08-29-2006, 02:25 PM   #3
spiffytech
Member
 
Registered: Dec 2005
Location: NC, USA
Distribution: (K)ubuntu
Posts: 139

Original Poster
Rep: Reputation: 15
When I do "man vpnc" I can't find any mention of the --nat-keepalive option. Google searching returned no mention of how to use it, so I just entered "vpnc --nat-keepalive 99999" into the command line, which left me with what looked like a config dump. How should I use that option?
 
Old 08-29-2006, 03:17 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966
Code:
[chris@kermit ~]$ /usr/sbin/vpnc --long-help
Usage: /usr/sbin/vpnc [--version] [--print-config] [--help] [--long-help] [options] [config files]
<snip>
  --nat-keepalive <Seconds>
  NAT-Keepalive packet interval <Seconds>
      If non-zero, send out NAT-Keepalive packets at specified interval
    Default: 0
<snip>
 
Old 08-29-2006, 03:35 PM   #5
spiffytech
Member
 
Registered: Dec 2005
Location: NC, USA
Distribution: (K)ubuntu
Posts: 139

Original Poster
Rep: Reputation: 15
I don't seem to have that option. I am using VPNC v. 0.3.3 from the Ubuntu repository. Is it possible that you're using a newer version than I am?
 
Old 08-30-2006, 01:44 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966
i'm on 0.3.3 but it does look like that option is a fairly recent patch, so might not be in the core source code yet. maybe it's just worth running a cron job to ping a node once envery minute?
 
Old 08-31-2006, 10:04 AM   #7
spiffytech
Member
 
Registered: Dec 2005
Location: NC, USA
Distribution: (K)ubuntu
Posts: 139

Original Poster
Rep: Reputation: 15
Following that thought, I found a way to keep the connection open:

"watch --interval-45 ping <something_behind_VPN> -c1"

Watch repeats something at the specified interval, and the "-c1" ensures that the thing is only pung once each time, instead of the infinite pinging that occurs when you just type "ping". I've been using this all day, and my connection has stayed open!
 
Old 08-31-2006, 10:22 AM   #8
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966
not sure why you'd bother with watch for that, but as long as the job gets done.
 
Old 09-01-2006, 03:43 PM   #9
greg73654
LQ Newbie
 
Registered: Aug 2006
Posts: 8

Rep: Reputation: 0
I still need some help on Yahoo. They said that the pager host is csa.yahoo.com, but there are many questions I have. I basically need help with the "More options" on Gaim with a yahoo account. If some body could tell me what the setting on the pager host and port, file transfer host and port, and the proxy settings for a yahoo account that would be great.
Thank you

 
Old 09-01-2006, 04:35 PM   #10
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966
why on earth have you posted a reply to this thread about yahoo??
 
Old 09-03-2006, 08:19 PM   #11
greg73654
LQ Newbie
 
Registered: Aug 2006
Posts: 8

Rep: Reputation: 0
Sorry, thought it was the same thread....
 
Old 08-06-2009, 06:27 AM   #12
barry_nay
LQ Newbie
 
Registered: Jun 2006
Posts: 1

Rep: Reputation: 0
vpnc --dpd-idle

try the "--dpd-idle 0" option for vpnc. My man page for vpnc describes it as follows:

Code:
--dpd-idle <0,10-86400>
          Send DPD packet after not receiving anything for <idle>seconds.  Use 0 to disable DPD completely (both ways).
              Default: 300
       conf-variable: DPD idle timeout (our side) <0,10-86400>

Last edited by barry_nay; 08-06-2009 at 06:46 AM. Reason: more illucidation
 
Old 10-08-2009, 01:04 PM   #13
bunchipe
LQ Newbie
 
Registered: Oct 2009
Posts: 2

Rep: Reputation: 5
VPNC timeout

To keep the VPNC connection open indefinitely add this line

DPD idle timeout (our side) 0

to your .conf file in /etc/vpnc and I think that will effectively resolve the timeout problem.

For example:

IPSec gateway <your_gateway>
IPSec ID linux
IPSec secret <your_group_password>
Xauth username <your_username>
DPD idle timeout (our side) 0
 
2 members found this post helpful.
Old 10-08-2009, 03:32 PM   #14
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966
Yeah... Three year old thread folks...
 
Old 10-09-2009, 12:35 PM   #15
bunchipe
LQ Newbie
 
Registered: Oct 2009
Posts: 2

Rep: Reputation: 5
Question

Quote:
Originally Posted by acid_kewpie View Post
Yeah... Three year old thread folks...
So what are you trying to say? This topic was relevant to me just this month and for people who search on this issue my post may be helpful. Are you saying that what I posted is outdated or irrelevant?
 
3 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
timeout help amjad General 0 06-11-2005 02:39 AM
Timeout on server FrozenPenquin Linux - Newbie 3 12-11-2003 12:55 PM
arp timeout MagDaddy Linux - Networking 2 10-13-2003 01:23 PM
ssh timeout blackmercury Linux - General 1 06-02-2003 05:32 PM
LQ timeout... again gui10 LQ Suggestions & Feedback 4 05-02-2002 12:33 PM


All times are GMT -5. The time now is 04:47 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration