Page 3 of 3 FirstFirst 123
Results 21 to 24 of 24
  1. #21
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    686

    Default

    Quote Originally Posted by sky-knight View Post
    Also, Untangle has SSH access available, and the ucli commands. While I don't know what the specific commands are off the top of my head, it's possible to automatically remotely restart the IPSec module in the event of a connection fault. So if you have something monitoring network connectivity, and it detects a connection fault one of the automatic remediation options available to you via Untangle is to restart that service. A reboot fixed it isn't a fix of course, but it can be useful in maintaining up time while investigating what's going on.
    I did exactly that with the long-standing ticket I had. It worked pretty good. Put a cron job in for every 60 seconds to ping 5 times, and then stop/start the IPsec app if 100% loss. It was a bandaid that took the pressure off, but still the customer was having connections broken over the tunnel many times per day.

    Quote Originally Posted by sky-knight View Post
    You simply cannot do that with anyone else at the router level.
    With the others I've mentioned here, you don't have to. So why would they give you this functionality when their IPsec implementation is so resilient I can set it up and move on with my life? :-)

  2. #22
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,398

    Default

    If you've never witnessed IPSec instability with other vendors... you live a very charmed life. Software is software, it does stupid things sometimes for inexplicable reasons it doesn't matter what it's running on. I haven't used an IPSec engine yet that works 100% of the time. So if you have one that works for you, my question is... why aren't you using it?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #23
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    686

    Default

    If you read the thread you'd see that we *do* use other solutions for VPNs. Doesn't mean I wouldn't like Untangle's to be just as good. I'd like it to be better. And how are we going to see that without raising our voices as paying customers so the company knows it's important to us.

  4. #24
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    Quote Originally Posted by dmor View Post
    If you read the thread you'd see that we *do* use other solutions for VPNs. Doesn't mean I wouldn't like Untangle's to be just as good. I'd like it to be better. And how are we going to see that without raising our voices as paying customers so the company knows it's important to us.
    Just contact us and ask or tell us! :>

    Asking "Why are we *still* on version X of library Y?" is an entirely different discussion.
    If you say "I'm having problem X and I'd like to see it fixed" then we'll likely ask you to contact us so we can take a look.
    Nothing will be improved until we identify what the problem is.

    If its working now, we'll likely need to wait until it happens again.
    Then we can examine tcpdump, logs, iptables and hopefully see something interesting.
    dmor likes this.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Page 3 of 3 FirstFirst 123

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2