[Openswan Users] Keep tunnel open

Paul Wouters paul at xelerance.com
Mon Jan 10 18:47:27 EST 2011


On Tue, 11 Jan 2011, Jobst Schmalenbach wrote:

> I have a tunnel between to static ip addresses.
> I would like to keep this open (not sure whether this is a
> security risk), but the tunnel dies so I guess I must
> not have the flags specified correctly.
>
> I though that
>
> rekey=yes
> keyingtries=%forever
>
> would suffice to keep the tunnel open?

It should. openswan has no "idle timeout" that would cause it to stop
the tunnel. Likely, the other end deletes it when it finds the tunnel
is unused?

The logs should indicate this,

Paul


More information about the Users mailing list