[strongSwan] Question about IKEv2 re-authentication timeout
Dan Cook
dan.cook at illum.io
Fri Jul 12 19:23:16 CEST 2013
Greetings,
I have a configuration / runtime question regarding authentication
failures in SS 5.1 (I assume 5.0.4 behaves the same).
What is the default timeout between re-authentication attempts?
Is the timeout configurable in strongswan.conf? I tried setting the
"close_ike_on_child_failure" to yes in the charon section of
strongswan.conf but that didn't appear to affect the timeout value.
I want to be able to force a re-authentication or have the timeout be
shorter than the default.
Doing a ipsec reload seems to do it, but that seems a little drastic a
solution.
The use case is upon getting a new connection the other side may have
not received credentials yet, but will very shortly. I would like to
retry more aggressively in a script before declaring failure.
Regards,
Dan Cook
More information about the Users
mailing list