Issue #3665
When there is data flow, the VPN tunnel will not automatically connect
Description
Hi,
I set idelTimeout to 120s. When the channel is established, PC1 and PC2 can ping each other. After 120s there is no data flow, the vpn tunnel automatically disconnects, and then it will not automatically connect when I ping the other host.
Does strongswan5 not have this function? If so, how should I configure it? Thank you.
BR
Kenny
History
#1 Updated by Tobias Brunner 3 months ago
- Category changed from charon to configuration
- Status changed from New to Feedback
- Assignee changed from Andreas Steffen to Tobias Brunner
Use trap policies to automatically create CHILD_SAs for matching traffic (start_action=trap in swanctl.conf, auto=route in ipsec.conf).
#2 Updated by Wuyijun wu 3 months ago
Hi,
I added the options but it didn't work. We are using the version 5.5.0, does the version support the options?
Do you have the complete configuration files example for the test case? thanks.BR
Kenny
#3 Updated by Tobias Brunner 3 months ago
We are using the version 5.5.0, does the version support the options?
Sure.
Do you have the complete configuration files example for the test case? thanks.
The site-to-site examples on UsableExamples use trap policies. You'll also find several examples in our test cases (ConfigurationExamples).