Hi, Can we set on Vyatta an IPsec SA idle timer? For example the other side of the tunnel has set this timer to 5 min. If within 5 min no traffic is passing through the tunnel, the IPsec SA is deleted. Note that the other end does not support DPD. >From what I can see, the other side is deleting the SA and sends the ISAKMP Informational packet. Vyatta receives it and after that immediately starts the QM negotiations to establish a new IPsec SA although the tunnel is still idle. This behaviour does not affect the tunnel in any way, so its only a question not a problem. I also have another question, not related to the timer, is going Vyatta to be listed on the Virtual Private Network Consortium site for interoperability logo? I do not see why not, looking at its features and from my tests with some of the devices listed there. http://www.vpnc.org/testing.html Thanks, Adrian
_______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
