Hi Divya, > Was there any disadvantage in initial approach of not installing soft > lifetime for outbound SA?
No not at all. It was just a side-effect that with the extended lifetime support introduced back then (with limits for number of bytes and packets, and more dynamically applied jitter) the rekey time was different for the in- and outbound SA (before it was the same for both directions). So installing a soft lifetime on both SAs just made sense. Regards, Tobias _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
