Steven Surdock wrote: > Greetings, > > I have an isakmpd process that's not letting go of old SADs. While it > doesn't seem to be causing issues with the tunnels, it is > causing higher > than normal system utilization. It seems to be occurring on > the tunnels > which have multiple subnets defined (e.g. VPNA and VPNB, but > not VPNC). > Any insight would be appreciated. > > fw1$ sudo ipsecctl -sa |grep tunnel |wc > 24 312 2184 > fw1$ sudo ipsecctl -sa |grep tunnel |wc > 32 416 2890 > fw1$ sudo ipsecctl -sa |grep tunnel |wc > 36 468 3258 > fw1$ sudo ipsecctl -sa |grep tunnel |wc > 58 754 5212
It's getting out of control. I should only have about 18 SAD entries... [EMAIL PROTECTED] ipsecctl -sa |grep tunn|wc 1214 15782 107964 Any insight would be appreciated. -Steve S.