Jump to content

VPN problem

JureZ
By JureZ
in Networking
 Share
Posted

Hello guys

 

I have stumbled upon a problem. 

We have a VPN connection between two servers that are on different locations so in order for them to communicate they need a VPN connection.

My coworker has setup an L2TP with IPsec connection between the servers and it connects and works.

BUT

About once per day the connection fails, re-establishes but doesn't work anymore. If i manually disconnect and reconnect the VPN it works once again.

The connection isn't mission critical to be always on, as it is only used to sync some data few times per day, but it is a hassle to connect it every day again and again.

 

I have done my research and have concluded that a batch file with a rasdial command is the way to go, but i cannot get it to work.

 

i want to run a command: 

ping -n 1 1.2.3.4 && rasdial myvpn /disconnect || rasdial myvpn

If it pings the server and the server isn't online, i want it to disconnect and reconnect again. 

But the command doesn't seem to work for me. 

When it will be working i'll put it in a schedule to run every 2 hours.

 

Could anyone help me write a working batch file?

 

Please help.

Yours sincerely

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

G'day,

 

I am not quite sure, but I think the problem is your operator. && tests if the previous command ran successfully, and in my understanding the command "ping" returns success to bash regardless of the result of the ping. The command "ping" returns failure if something broke the program itself I guess.

 

I think this might help you more: https://stackoverflow.com/questions/12669150/ping-batch-file-with-condition

 

Regards,

Link to comment
Share on other sites
Link to post
Share on other sites
Posted 
ping -n 1 1.2.3.4 | find /i "bytes=" || goto RECONNECT
exit

:RECONNECT
rasdial myvpn /disconnect
ping -n 60 localhost >nul
rasdial myvpn

I've put a 60 second delay between disconnecting and reconnecting since I am not sure how fast it will go.

Considering you seem to have two sites a proper site-to-site IPSec connection might be a better solution.

 

EDIT: In Powershell: 

if !(Test-Connection 1.2.3.4 -Quiet) {
rasdial myvpn /disconnect
rasdial myvpn }

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Hi Mate,

 

Make sure your Phase 2 security association timers are matching on both ends.

 

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Networking

×