[strongSwan] deleting IKE_SA: what's the reason?

Diego Woitasen diego at woitasen.com.ar
Wed Sep 12 00:44:55 CEST 2012

 Is there a way to know the reason of this line in the log:

deleting IKE_SA CONN_NAME[10] between

I wrote an script that controls the status of the tunnel using "ipsec
status". For some reason, some conns are dropped randomly. I have DPD
enabled but I don't see the message "giving up..." and I don't see the
message "received stroke..." about the connection lost and I don't see
the rekeying messages.

Is there an aditional way to discover why Charon is deleting IKE SAs?


Diego Woitasen

More information about the Users mailing list