[ale] PPP/SSH VPN dies randomly

Christopher Bergeron cbergeron at bass-associates.com
Mon Mar 4 21:43:26 EST 2002


And this is acceptable?  Forgive me for being naive, but that would be like
using an Operating System that crashed almost daily and wrote it off as, "I
guess that's just how it has to be".  By definition there has to be a
"reason" for it and therefore, a solution.

Have you confronted your VPN vendor about it (please say it wasn't Cisco)?
If so, what was their response?

I'm currently adding a VPN watchdog to my crontab, but even 1 minute of
downtime per month is a major malfunction.  Someone has to have some clues
about this.  I'm not using IPsec, I'm using SSH over PPP.  I understand that
encryption can be finicky, but I have a hard time blaming SSH.  I'm expected
to produce 99.99999% availability and I can't accept anything less.  Call me
a spoiled Linux user for assuming availability, if you must...

:)

Anyone have any leads or even starting points for debugging this?

Thanks,
CB


> -----Original Message-----
> From: Geoffrey [mailto:esoteric at 3times25.net]
> Sent: Monday, March 04, 2002 7:53 PM
> To: Christopher Bergeron
> Cc: Ale
> Subject: Re: [ale] PPP/SSH VPN dies randomly
>
>
> No real help, except to say that this happens to my (commercial) vpn
> connectivity on occasion.  It presents an error message something to the
> effect of: "heartbeat missed, assuming tunnel is down."  This is an
> ipsec vpn.
>
> Christopher Bergeron wrote:
> > Does anyone have any idea why my VPN connection dies
> periodically?  It seems
> > to be okay for a few days and then one of the procees goes
> defunct and the
> > connection goes down.  I'm tunneling ssh over ppp over a T1
> connection to
> > the 'net on both sides.
> >
> > Any clues are greatly appreciated...
> > -CB
> >
> >
> > ---
> > This message has been sent through the ALE general discussion list.
> > See http://www.ale.org/mailing-lists.shtml for more info.
> Problems should be
> > sent to listmaster at ale dot org.
> >
> >
> >
>
>
> --
> Until later: Geoffrey		esoteric at 3times25.net
>
> I didn't have to buy my radio from a specific company to listen
> to FM, why doesn't that apply to the Internet (anymore...)?
>
>
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info.
> Problems should be
> sent to listmaster at ale dot org.
>


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list