And what do you mean by "the daemon is configured programmatically"?
How many keyintries does the Android client default to? Does it support
and react on DPD?
If not, how does the client know when there is a issue with the
connection, and retries or completely stops? (other then when receiving
an implicit IKE DELETE)
Den 2017-07-30 kl. 18:50, skrev Noel Kuntze:
On 30.07.2017 18:42, Dusan Ilic wrote:
What is the default ipsec.conf settings for the Android client? For example
keyinretries, dpd etc?
There's none. The daemon is configured programmatically.
Because I notice a problem, when the client is connected and the server is
restart (ipsec restart) it disconnects and reconnects (probably because the
server is sending IKE deletes), but when the server just goes away (let's say
DHCP or disconnected network) the clienbt continues to report that its
Sounds like a bug in the UI.
The server is having DPD clear on the remote access connection, and removes the
client, but the client seem to have not DPD enabled? It just sits there and if
for example you route everything from the client internet stops working on the
phone, wihtout even noticing because Strongswan report it still as connected.
Is there anyway to solve this, if not, this should really be fixed in the
default settings for the client (either DPD restart or clear).