Hi,
I am trying to use DPD but I may not have all the right pieces in place since
the results were not what I expected. I am using version 4.6.3.
On one host I have these values in ipsec.conf file:
dpdaction=restart
dpddelay=500
I am aware of the default values for retransmissions and I did not set
any of those
values.
My question is when does charon start to initiate the DPD exchange? Is it
based on the dpddelay value or something else? My value was set at 500
as shown above, but I didn't see the first attempt to send an R-U-THERE
query until over 15 minutes after I terminated all communications between
the peers - The "ipsec status" still shown the connection as ESTABLISHED
15 minutes after no communication between the peers. Is there something
else to decide when to send the exhange?
Thanks,
Terry
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
