Hi I have a ikev1 session up, however i also see multiple child SA, if leave the seesion for a log run. Would like to understand on this scenario and should i take any actions if these scenarios is seen .
sl1childsa: #726, reqid 368, INSTALLED, TUNNEL-in-UDP, ESP:AES_CBC-128/HMAC_SHA1_96 installed 6854s ago, rekeying in 20343s, expires in 21947s in 87e44243 (0x00000001), 0 bytes, 0 packets out 01ba724f (0x00000001), 0 bytes, 0 packets, 118s ago local 0.0.0.0/0 remote 0.0.0.0/0 sl1childsa: #727, reqid 368, INSTALLED, TUNNEL-in-UDP, ESP:AES_CBC-128/HMAC_SHA1_96 installed 6853s ago, rekeying in 20334s, expires in 21947s in ad7acce9 (0x00000001), 0 bytes, 0 packets out 0602acec (0x00000001), 0 bytes, 0 packets, 118s ago local 0.0.0.0/0 remote 0.0.0.0/0 sl1childsa: #728, reqid 368, INSTALLED, TUNNEL-in-UDP, ESP:AES_CBC-128/HMAC_SHA1_96 installed 6853s ago, rekeying in 20261s, expires in 21947s in 884e04f1 (0x00000001), 504 bytes, 6 packets, 119s ago out 0a8309e2 (0x00000001), 588 bytes, 7 packets, 118s ago local 0.0.0.0/0 remote 0.0.0.0/0 I believe in ikev1 there is no rekey , its just reauth. Regards, Naveen
