Hello Tobias, Le 05/12/2017 à 15:54, Tobias Brunner a écrit : > Using auto=start on both ends in combination with uniqueids=yes and > closeaction=restart is a bad idea. If a duplicate SA is created and > that's detected and the duplicate is then closed this deletion will > again trigger another SA, causing another duplicate and so on. > > Regards, > Tobias >
I see your point. The thing is now I have removed on both ends the closeaction=restart. In addition to that, should I use auto=route on both ends ? My last experience with auto=route unfortunately showed that it was "not working", meaning that no matter what I did to try to trigger tunnel creation by sending traffic to the other peer, the tunnel was never started automatically, hence the auto=start.
signature.asc
Description: OpenPGP digital signature
