[strongSwan] had to manually up a connection
Victor Sudakov
vas at sibptus.ru
Fri Mar 6 08:33:41 CET 2020
Alex K wrote:
>
> >
> > According to ipsec.conf(5) "auto=start loads a connection and brings it
> > up immediately." What is the expected behavior of auto=start on
> > connection *loss* (e.g. peer death is detected by DPD)?
> >
> My understanding is that dpdaction=restart should automatically restart the
> connection upon dead peer detection and restore it back again when the peer
> becomes available.
Mine too, but this apparently did not happen in my case. I'd like to understand why.
My config once again:
conn home
auto=start
authby=secret
dpddelay=10s
dpdaction=restart
esp=aes256-sha1-modp2048
ike=aes256-sha1-modp2048
ikelifetime=1h
lifetime=10m
keyexchange=ikev2
type=transport
left=10.10.10.5
right=y.y.y.y
leftprotoport=47
rightprotoport=47
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/
More information about the Users
mailing list