|
| Well Mike, I thought I was OK, but I'm still having trouble.
I re-created the tunnels between the 2 problem endpoints (Sites A and
B), and things seemed to work nicely. Phase 2 re-negotiations took
only a handful of attempts. For the past 5 days or so, the tunnels
have been stable, with the phase 2's renegotiating successfully as
scheduled (every 4 hours.) Then just this morning, I ran into the same
problem again with the A-B tunnel, with phase 2 failing repeatedly
(endless "Phase 2 complete" messages) for several hours. I rebooted
the router at Site B and the tunnels re-established after about 90
seconds. Connections and IP traffic between sites A and B have been
fine for the past 3 hours; hopefully the next phase 2 re-negotiation
won't barf.
I'm at my wits end with this. The tunnels out of Site C have been
rock-solid since inception. The A-B tunnel settings at Sites A and B
are identical (and different from the A-C and B-C settings). I have
done a 'show config' dump and checked everything line by line.
Furthermore, the IKE and Connection Profile settings for the A-B tunnel
match the A-C and B-C settings (though unique from the other 2 tunnels
in name, IKE Profile, and password).
Netopia online chat help would not offer any VPN configuration
assistance; they referred me to their fee-based production support
offerings (consistent with their website's advertised support policy
regarding VPN's).
The only common issue I can think of at this point is that Sites A and
B both have an ISP connection requiring PPPOE underlying encapsulation
even though they have fixed IP addresses. Site C (the oldest) for some
reason, even though under the same provider (SBC), does not utilize
PPPOE at all.
Any thoughts?
|
|