[strongSwan] Strongswan IKEv2 Stack (charon): Are the Tunnels brought automatically down if peer or own Certificate is detected as revoked or expired at runtime.
martin at strongswan.org
Fri Nov 14 12:18:45 CET 2014
> If a IKEv2 tunnel is already established with a peer, then is this tunnel
> brought down automatically by strongswan
No, the trust chain is validated during the initial tunnel setup only.
As reauthentication re-establishes the tunnel (if not disabled), the
trustchain gets re-evaluated periodically according to your ikelifetime.
More information about the Users