Hi Rajiv, Please refer to [1] for the formula how rekey times are calculated. In your particular case with > keylife=15m > rekeymargin=9m the rekey time could be <= 0, effectively disabling rekeying. Regards, Tobias [1] https://wiki.strongswan.org/projects/strongswan/wiki/ExpiryRekey