If you ever have issues with site-to-site IPSEC vpn with Vyatta, where one of the peers is on a dynamic IP address, in addition to DPD, you need to add:
set vpn ipsec auto-update 30
where master ipsec daemon re-reads configuration files for changes and informs pluto daemon about changes. If there are IP address changes pluto daemon will be informed about the changes for effected tunnels.
No comments:
Post a Comment