Swanctl --list-conn output does not match IPsec status.



  • When I set up the IPsec tunnel, I had rekeying disabled, as it was the default at the time. I have since unchecked the disable rekeying box. After a reboot I suspect rekeying is still disabled. The swanctl --list-conn output confims this.

    I also noticed the lifetimes in the swanclt output are off by 540sec for both the Phase 1 and Phase 2 lifetimes.

    0_1543421459995_swanctl --list-conn.png

    0_1543421487299_Phase1.png

    0_1543421495851_Phase2.png

    The tunnel functions as expected. however the IPSEC Overview Page lists multiple entries for the same tunnel?