[Openswan Users] multiple EVENT_SA_REPLACE
Roel van Meer
roel.vanmeer at bokxing.nl
Thu Jan 13 01:10:19 EST 2011
Omar Armas writes:
> My problem is that when I do an ipsec auto --status, for a tunnel with 3
> days of life, I get literally thousands of messages like this:
>
>
> "000 #5957: "to-33"[3] 189.X.X.145:62374 STATE_QUICK_R2 (IPsec SA
> established); EVENT_SA_REPLACE in 1465s
> 000 #5957: "to-33"[3] 189.X.X.145 esp.9dfd919f at 189.X.X.145
> esp.67479afd at 201.Y.Y.Y tun.0 at 189.X.X.145 tun.0 at 201.Y.Y.Y"
>
>
> beeing EVENT_SA_REPLACE value different for every line.
> It gives me no problem, but I plan to add about 100 tunnels and having
> this behavor worries me.
I think I had a similar situation a little while ago, but with Drayteks
instead of Sonicwall. The problem was solved by specifying rekey=no in my
tunnel configs.
Regards,
roel
More information about the Users
mailing list