[strongSwan] Persistent SA's
Kimmo Koivisto
koippa at gmail.com
Tue Oct 2 09:41:13 CEST 2012
2012/10/2 Martin Willi <martin at strongswan.org>:
Hi Martin
> For always-up tunnels, I usually prefer to install trap policies that
> automatically re-establish the tunnel if it should fail for whatever
> reason:
>
> closeaction=close
> dpdaction=close
> auto=route
>
> You'll have to send some traffic to trigger the tunnel initially. But
> the trap policy will stay installed and make sure your tunnel does, too.
>
> Regards
> Martin
You must be using 5.0.1 if you use "close" because there is only
"clear" avaible for rc1 :=) ...only joking :)
I'm reloading download page every 10s to see if 5.0.1 is there :)
I changed to auto=route, that is the way I have done these before but
when 5.0.0 had problems in IKEv1 and trap policies, I switched to
auto=start.
Thanks for your help.
Regards,
Kimmo
More information about the Users
mailing list