[Openswan Users] Keep tunnel open
Paul Wouters
paul at xelerance.com
Mon Jan 10 18:47:27 EST 2011
On Tue, 11 Jan 2011, Jobst Schmalenbach wrote:
> I have a tunnel between to static ip addresses.
> I would like to keep this open (not sure whether this is a
> security risk), but the tunnel dies so I guess I must
> not have the flags specified correctly.
>
> I though that
>
> rekey=yes
> keyingtries=%forever
>
> would suffice to keep the tunnel open?
It should. openswan has no "idle timeout" that would cause it to stop
the tunnel. Likely, the other end deletes it when it finds the tunnel
is unused?
The logs should indicate this,
Paul
More information about the Users
mailing list