[strongSwan] Soft Lifetime set as "0" in SAD in data base

Tobias Brunner tobias at strongswan.org
Thu Apr 12 11:20:33 CEST 2012


Hi Reshma

> And we see only outbound SAs are having 0 soft life time where as 
> inbound SAs no issues.

This is the normal behavior for time based lifetimes.  Since the in- and
outbound IPsec SA are rekeyed together only one of them needs to trigger
it (hard lifetimes are installed for both SAs to ensure they are deleted
once they expire).

Regards,
Tobias




More information about the Users mailing list