[vpn-help] DPD parameters
Da Da
shrew64 at gmail.com
Wed Jun 15 11:11:38 CDT 2011
Matthew,
We're considering to switch to another VPN client as this is very annoying
for our users. Would it be possible to add a tunable DPD retry count to the
roadmap for 2.1.8 or 2.2 final ?
2011/3/2 Matthew Grooms <mgrooms at shrew.net>
> On 2/18/2011 10:20 AM, Da Da wrote:
>
>> Hi,
>>
>> First of all, thank you for this great piece of software. I'm currently
>> testing the VPN client on Windows x64 with a WWAN access. I've been
>> testing the version 2.2b1 but I rolled back to v2.1.7 due to stability
>> issues of the IKED service (I can't reproduce these issues yet).
>> So I'm back in v2.1.7 and it works fine except one thing : the DPD
>> feature disconnects the client very quickly if a gateway isn't reachable
>> (about 10 seconds). As I create the VPN tunnel over a native mobile
>> broadband connection, it's too short. Sometimes, I'm in the train or
>> moving and the WWAN connection is lost for a few seconds, and Windows
>> recovers it without problem. But Shrewsoft VPN already disconnected the
>> tunnel...
>> If I disable the DPD feature, it works. When the WWAN connection goes up
>> again, the SA is maintained and I received packets again. However, this
>> create session timeout issues on the facing gateway.
>> A nice solution would be to increase the number of DPD retries, for it
>> to be less aggressive. Is there a way to do it easily ?
>>
>>
> Not at present. We may add a tunable for this in the future.
>
> -Matthew
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20110615/790edb4d/attachment-0001.html>
More information about the vpn-help
mailing list