over the past several years i have encountered a variety of problems
with isakmpd that range from difficult to translate error messages to
tunnels dropping without explanation.
i have just recently had a rash of tunnel dropping, which can frequently
be fixed by one endpoint doing
pkill -x isakmpd
isakmpd -Kv
ipsecctl -f /etc/ipsec.conf
in this most recent case doing this at both ends of the tunnel
repeatedly does not fix the problem. i am sick of trying to work with
isakmpd so i am interested in finding an alternative.
the possibility of doing an ssh-based vpn seems appealing but i am not
sure it will perform in the same capacity or have its own problems. i
would appreciate input on this topic.
cheers,
jake
