Hi, I’m running Strongswan 5.3.5. I have the following conn section.
conn transport-conn type=transport authby=pubkey keyexchange=ikev2 aggressive=no ike=aes128gcm128-sha256-ecp256 esp=aes128gcm128-sha256-ecp256-esn left=%any leftcert=/etc/strongswan/ipsec.d/certs/cert.pem right=%any rightsubnet=10.21.128.0/18 dpdaction=clear dpddelay=30s dpdtimeout=120s mobike=no auto=route I’ve read through the mailing lists archives and issues, and as I understand it is if you have auto=route then dpdaction is not needed because the auto=route installs the trap policy in the kernel. I’m still unclear, if I have auto=route do I need to set dpdaction? And can I set dpddelay to 0? What is the effect of doing that? Thanks, Paul
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
