4. Swanctl --list-conn output does not match IPsec status.

Swanctl --list-conn output does not match IPsec status.

  • I

    When I set up the IPsec tunnel, I had rekeying disabled, as it was the default at the time. I have since unchecked the disable rekeying box. After a reboot I suspect rekeying is still disabled. The swanctl --list-conn output confims this.

    I also noticed the lifetimes in the swanclt output are off by 540sec for both the Phase 1 and Phase 2 lifetimes.

    0_1543421459995_swanctl --list-conn.png

    0_1543421487299_Phase1.png

    0_1543421495851_Phase2.png

    The tunnel functions as expected. however the IPSEC Overview Page lists multiple entries for the same tunnel?

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy