> Yes indeed dpd should do the trick. unfortunately windows 7 and windows 10 doesn't support dpd. Charon is logging these messages:
DPD not supported by peer, disabled So dpd was not an option. inactivity= is going to kill only the child sa. As pointed by Noel setting charon.inactivity_close_ike is going to kill also the ike sa. But I didn't want to change a system wide settings. So I have opted for setting: rekey=yes keyingtries=1
