[Openswan Users] understanding dpdtimeout

Ondrej Moriš omoris at redhat.com
Mon Oct 17 19:30:26 EDT 2011

Hi list, what is the exact purpose of dpdtimeout option in ipsec.conf? 
Is it possible to configure conn in ipsec.conf so that once there is no 
traffic, conn-related SA will be removed? AFAIK this should be done via 
these dpdtimeout & dpdaction options, but it is not working for me - 
even though there is no traffic between nodes, SA are not deleted. What 
is wrong here?


Ondrej Moriš, RHCE
Quality Assurance Engineer
BaseOS QE - Security
Email: omoris at redhat.com
Web: www.cz.redhat.com
IRC: omoris at #qa #urt #brno, #penguins
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic

More information about the Users mailing list