[strongSwan] roadwarrior ike/esp SA are not dropped after lifetime expiration
Marco Berizzi
pupilla at hotmail.com
Mon Jan 15 15:21:08 CET 2018
> Yes indeed dpd should do the trick.
unfortunately windows 7 and windows 10 doesn't support dpd. Charon is logging these messages:
DPD not supported by peer, disabled
So dpd was not an option.
inactivity= is going to kill only the child sa. As pointed by Noel setting charon.inactivity_close_ike is going to kill also the ike sa. But I didn't want to change a system wide settings.
So I have opted for setting:
rekey=yes
keyingtries=1
More information about the Users
mailing list