Hi and thank you Noel, I meant to run ipsec and charon in the embedded openwrt router, I use dpd as well
# dead-peer detection to clear any "dangling" connections in case the client unexpectedly disconnects dpdaction=clear # If the tunnel has no traffic for this long (default 30 secs), Charon will send a dead peer detection packet. The value 0 means to not send such packets, relying on ordinary traffic, which will occur at least once an hour, which is the default rekeying lifetime. dpddelay=33s # DPD Retries : 3 dpdtimeout=300s Running strongswan in a 18-70$ openwrt router is very usefull in many way