Hi, I noticed that the cisco end of a VPN I configured on my openBSD sends a DELETE message after a certain amount of idle time.
This feature is described in http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ftsaidle .html#wp1045897 The effect is, that the VPN no longer works. openBSD still shows the routes active ( in netstat -rnf encap ) and sends packets out to the remote site. It does not try to reestablish the phase 2 sa. Is this a bug or is it that just an incompatibility with ciscos 'idle time' feature ( which may not be 'standard' ) Regards Christoph
