Defaults to an ephemeral port. May be set to e.g. 4500 if firewall rules
require a static port.
+charon-nm.retransmit_base = 1.4
+ Base to use for calculating exponential back off, see IKEv2 RETRANSMISSION
+ in **strongswan.conf**(5). Default retransmission settings for charon-nm are
+ deliberately lower to fail and possibly reestablish SAs more quickly.
+
+charon-nm.retransmit_timeout = 2.0
+ Timeout in seconds before sending first retransmit.
+
+charon-nm.retransmit_tries = 3
+ Number of times to retransmit a packet before giving up.
+
charon-nm.routing_table = 210
Table where routes via XFRM interface are installed. Should be different
than the table used for the regular IKE daemon due to the mark.
lib->settings->set_default_str(lib->settings,
"charon-nm.check_current_path", "yes");
+ /* fail more quickly so users don't have to wait too long for a new SA */
+ lib->settings->set_default_str(lib->settings,
+ "charon-nm.retransmit_tries", "3");
+ lib->settings->set_default_str(lib->settings,
+ "charon-nm.retransmit_timeout", "2.0");
+ lib->settings->set_default_str(lib->settings,
+ "charon-nm.retransmit_base", "1.4");
+
DBG1(DBG_DMN, "Starting charon NetworkManager backend (strongSwan "VERSION")");
if (lib->integrity)
{
projects / thirdparty / strongswan.git / commitdiff
