diff options
| author | seth <seth@mx3.arosa.nl> | 2009-03-13 04:33:26 +0100 |
|---|---|---|
| committer | seth <seth@mx3.arosa.nl> | 2009-03-13 04:33:26 +0100 |
| commit | 563c9ca98cae7643213c4e9e1286b3c57c68705a (patch) | |
| tree | f3280862e4369bee7637b93351743a0f8851ddc4 /etc | |
| parent | 9bf114ff0a8a95f07136e46f2bed016e87fcec50 (diff) | |
| download | pfsense-563c9ca98cae7643213c4e9e1286b3c57c68705a.zip pfsense-563c9ca98cae7643213c4e9e1286b3c57c68705a.tar.gz | |
Add DPD backend configuration to the racoon configuration.
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/vpn.inc | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 172ebd5..9feae72 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -374,6 +374,10 @@ function vpn_ipsec_configure($ipchg = false) { if (isset($tunnel['natt'])) { $nattline = "nat_traversal on;"; } + $dpdline = ''; + if (isset($tunnel['dpddelay'])) { + $dpdline = "dpd_delay {$tunnel['dpddelay']};"; + } if (isset($tunnel['p1']['authentication_method'])) { $authmethod = $tunnel['p1']['authentication_method']; @@ -439,7 +443,7 @@ remote {$rgmap[$tunnel['remote-gateway']]} \{ {$certline} peers_identifier address {$rgmap[$tunnel['remote-gateway']]}; initial_contact on; - #dpd_delay 120; # DPD poll every 120 seconds + {$dpdline} ike_frag on; support_proxy on; proposal_check obey; @@ -504,6 +508,10 @@ EOD; if (isset($tunnel['natt'])) { $nattline = "nat_traversal on;"; } + $dpdline = ''; + if (isset($tunnel['dpddelay'])) { + $dpdline = "dpd_delay {$tunnel['dpddelay']};"; + } if (isset($tunnel['p1']['authentication_method'])) { $authmethod = $tunnel['p1']['authentication_method']; @@ -552,7 +560,7 @@ remote anonymous \{ {$nattline} {$certline} initial_contact on; - #dpd_delay 120; # DPD poll every 120 seconds + {$dpdline} ike_frag on; passive on; generate_policy on; |
