Racoon site-to site
Mike Tancsa
mike at sentex.net
Fri Dec 11 14:02:17 PST 2009
At 04:43 PM 12/11/2009, Jon Otterholm wrote:
> > Also, what does
> > sysctl net.key.preferred_oldsa
> >
> > show ?
>
>It has not jamed up yet but here is output from sysctl:
>
>net.key.preferred_oldsa: 1
>
>Would it help setting it to 0 to force renewal of keys at reconnection?
I think it should allow your end to honor the other side's new SA
should it want one ahead of schedule
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
More information about the freebsd-net
mailing list