A new NAT mapping might be created even if the IP stays the same. Due to
the DPD fallback with NAT keep-alives this might only be necessary in
corner cases, if at all.
"charon.initiator_only", TRUE);
lib->settings->set_bool(lib->settings,
"charon.close_ike_on_child_failure", TRUE);
+ lib->settings->set_bool(lib->settings,
+ "charon.check_current_path", TRUE);
/* setting the source address breaks the VpnService.protect() function which
* uses SO_BINDTODEVICE internally. the addresses provided to the kernel as
* auxiliary data have precedence over this option causing a routing loop if