Alex K wrote: > > > > > According to ipsec.conf(5) "auto=start loads a connection and brings it > > up immediately." What is the expected behavior of auto=start on > > connection *loss* (e.g. peer death is detected by DPD)? > > > My understanding is that dpdaction=restart should automatically restart the > connection upon dead peer detection and restore it back again when the peer > becomes available.
Mine too, but this apparently did not happen in my case. I'd like to understand why. My config once again: conn home auto=start authby=secret dpddelay=10s dpdaction=restart esp=aes256-sha1-modp2048 ike=aes256-sha1-modp2048 ikelifetime=1h lifetime=10m keyexchange=ikev2 type=transport left=10.10.10.5 right=y.y.y.y leftprotoport=47 rightprotoport=47 -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/