• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Swanctl --list-conn output does not match IPsec status.

Scheduled Pinned Locked Moved IPsec
1 Posts 1 Posters 421 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • I
    icewall
    last edited by Nov 28, 2018, 4:34 PM

    When I set up the IPsec tunnel, I had rekeying disabled, as it was the default at the time. I have since unchecked the disable rekeying box. After a reboot I suspect rekeying is still disabled. The swanctl --list-conn output confims this.

    I also noticed the lifetimes in the swanclt output are off by 540sec for both the Phase 1 and Phase 2 lifetimes.

    0_1543421459995_swanctl --list-conn.png

    0_1543421487299_Phase1.png

    0_1543421495851_Phase2.png

    The tunnel functions as expected. however the IPSEC Overview Page lists multiple entries for the same tunnel?

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post
    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
      This community forum collects and processes your personal information.
      consent.not_received