made ikev2/reauth-late scenario more robust
This commit is contained in:
parent
12b6ba8771
commit
a24f2241bc
|
@ -1,7 +1,7 @@
|
|||
moon::ipsec statusall::rw\[2\].*ESTABLISHED::YES
|
||||
carol::ipsec statusall::home\[2\].*ESTABLISHED::YES
|
||||
carol::cat /var/log/daemon.log::scheduling reauthentication in 2[0-5]s::YES
|
||||
carol::cat /var/log/daemon.log::received AUTH_LIFETIME of 3600s, reauthentication already scheduled in 2[0-5]s::YES
|
||||
carol::cat /var/log/daemon.log::received AUTH_LIFETIME of 360[01]s, reauthentication already scheduled in 2[0-5]s::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
|
|
|
@ -6,8 +6,8 @@ config setup
|
|||
plutostart=no
|
||||
|
||||
conn %default
|
||||
ikelifetime=60m
|
||||
keylife=20m
|
||||
ikelifetime=3601
|
||||
keylife=1200
|
||||
rekeymargin=0s
|
||||
keyingtries=1
|
||||
|
||||
|
|
Loading…
Reference in New Issue