A couple of years ago I wrote a story about how to set up an IPSec VPN between a Linksys RV082 (or RV042) and a Linksys WRT54GL (or WRT54G, WRT54GS, etc.) running OpenWrt and OpenSwan. Over the years, that solution has proved to work reasonably well for connecting a few small satellite offices with low data throughput demands to a head office. Recently, however, our requirements have outgrown that solution. In particular, the WRT54GL side of the VPN is just too slow for our needs. …Continue reading » Repeated STATE_MAIN_I1 EVENT_RETRANSMIT Messages in OpenSwan Status Log

Have you ever wanted to make cron run a scheduled task on some weird interval like every 29 days? I was faced with that problem just the other day.
I was starting to get annoyed with DynDNS’s nag emails, asking me to either log in and “touch” my WRT54GL router’s host record every 30 days or to upgrade to a paid service that does not require a periodic touch.
Of course, you can create a cron job that calls programs like ez-ipupdate to automate this periodic touching. The problem is, even though cron is quite flexible, it does not support intervals of 29 days. …Continue reading » Stupid Cron Tricks

Soon after posting yesterday’s blog entry, How To: VPN Between RV082 (or RV042) and WRT54GL (or WRT54G), I received a comment from Paul Wouters:
Use dpdaction=restart
btw your ike/ipsec lifetimes are insanely short. you should not do that. leave them default, and the shortest one of the other device will be used.
Paul, if you’re reading this, thanks for the tips!
I wasn’t sure how I could have missed that useful dpdaction=restart setting, so I went back and checked the ipsec.conf man page this morning. Sure enough, the dpdaction=restart setting was missing from the man page. That’s why I missed it! See! I did RTFM!
Anyway, I did some googling to find out more about dpdaction=restart and I came across this Openswan mailing list message, authored by none other than Paul Wouters: …Continue reading » A Virtual Visit from Paul Wouters

Introduction
Using the OpenWrt Linux distribution, you can configure a Linksys WRT54G (also WRT54GS and WRT54GL) router as an IPSec VPN endpoint. This IPSec VPN functionality is provided by an Openswan package that was built specifically for OpenWrt.
In this How To, I will show you how to create a VPN between a Linksys WRT54GL and a Linksys RV082 (an RV042 could also be used). …Continue reading » How To: VPN Between RV082 (or RV042) and WRT54GL (or WRT54G)
