On Thu, 2005-01-13 at 03:13, Marcin Giedz wrote: > When first client is trying to connect to VPN server out side our office all > packets are sent through "linux router". When he finishes the connection > and second client wants to make a new connection no GRE packets are sent > through router. If I down and up interfaces on "linux router" everything > works OK as earlier - GRE packets are transmitted through router. If I > don't down and up interfaces but wait eg. for next day everything also > works OK. It seems for me that some "timeout" variable is set on my linux > router but I didn't set anything. Is NAT involved here? I have a similar problem where a GRE connection goes out the wrong interface as the gateway starts up, getting a NAT association in ip_conntrack and the NAT never goes away after the correct interface and route come up. I think you need to get rid of the /proc/net/ip_conntrack entry but there is no mechanism to do this. -- Les Mikesell les@xxxxxxxxxxxxxxxx
