<p>Hi, </p>
<p>Please consider the example given in <a href="http://www.strongswan.org/uml/testresults/ikev2/dpd-clear/index.html">http://www.strongswan.org/uml/testresults/ikev2/dpd-clear/index.html</a>.</p>
<p>1) Here, the config on moon has "dpdaction=clear" while carol does not. Because of this, once the connection is lost, moon clears the connection but carol does not. On carol, the command "ipsec status" would then give the feeling that it is connected to moon. So is it better to give "dpdaction=clear" on both moon and carol?</p>
<p>2) Also, if I include "dpdaction=clear" on both my end-points, after all the retries, the command "ipsec status" shows the following on both sides:</p>
<p>Security Associations:<br> none</p>
<div>It doesn't really kill the process, does it? So we will have to manually kill the process in order to start it again? At least these are the behaviors I see on my machines. Please let me know if this is as expected.</div>
<div> </div>
<div>Thanks and regards,</div>
<div>Meera </div>