Hi, Thanks a lot for the reply. It worked. I see the dpd triggering now.
I am working on a case when dpd from strongswan sends the nat detection payloads. I wanted to know upon which conditions strongswan would send dpd request with nat_detection_src_ip and nat_detection_dst_ip. Is it done only in specific case like when strongswan is behind the nat ? and strongswan is in remote-access-client ? Regards, kalyani From: bls s [mailto:[email protected]] Sent: Friday, January 12, 2018 6:40 AM To: Kalyani Garigipati (kagarigi) <[email protected]>; [email protected] Subject: RE: [strongSwan] dpd not getting triggered By default dpdaction=none, which disables sending dpd messages. From: Kalyani Garigipati (kagarigi)<mailto:[email protected]> Sent: Thursday, January 11, 2018 10:47 AM To: [email protected]<mailto:[email protected]> Subject: [strongSwan] dpd not getting triggered Hi, I am using strongswan version 5.6.1 I found that even though I configured dpd using dpddelay and dpdtimeout, dpd is not getting triggered from strongswan client at all even though there is no traffic passing. Please let me know how to debug this. config setup charondebug=all # crlcheckinterval=600 # strictcrlpolicy=yes # cachecrls=yes # nat_traversal=yes # charonstart=no conn %default ikelifetime=100m keylife=20m rekeymargin=8m keyingtries=1 authby=psk keyexchange=ikev2 ike=aes256-sha256-modp1024 esp=3des-sha1 mobike=yes dpddelay=5s dpdtimeout=150s # Add connections here. # Add connections here. conn net-net left=10.127.47.104 leftsubnet=10.127.47.104/32 leftid=10.127.47.104 right=10.104.108.110 rightsubnet=10.104.108.110/32 rightid=10.104.108.110 auto=start ~ Regards, kalyani
