I've been following the guide wrote on the following website:
http://patrickpreuss.wordpress.com/2...pn-with-linux/ The idea being to setup DMVPN. The guide works well, however after a short period all my ping packets to the routers are dropped. Desperate for help with this one guys.
My config is *slightly* different to the users; will post the relevant bits now:
opennhrp.conf:
Code:
interface gre1
map 10.161.1.1/24 remoteIP register cisco
map 10.161.1.2/24 remoteIP register cisco
redirect
holding-time 60
shortcut
interface eth0:0
shortcut-destination
racoon.conf
Code:
log debug2;
path pre_shared_key "/etc/psk.txt";
padding
{
maximum_length 20;
randomize off;
strict_check off;
exclusive_tail off;
}
remote anonymous
{
exchange_mode aggressive,main;
lifetime time 3 hour;
nat_traversal on;
ike_frag on;
script "/etc/opennhrp/racoon-ph1down.sh" phase1_down;
script "/etc/opennhrp/racoon-ph1dead.sh" phase1_dead;
dpd_delay 20;
rekey force;
passive on;
proposal
{
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group 2;
}
}
sainfo anonymous
{
pfs_group 2;
lifetime time 3 hour;
encryption_algorithm 3des;
authentication_algorithm hmac_sha1, hmac_md5;
compression_algorithm deflate;
}
ipsec-tools.conf
Code:
#!/sbin/setkey -f
spdflush;
spdadd 0.0.0.0/0 0.0.0.0/0 gre -P out ipsec esp/transport//require;
spdadd 0.0.0.0/0 0.0.0.0/0 gre -P in ipsec esp/transport//require;
Thanks - if you see anything wrong anywhere or anyway to debug, please let me know.
