dpd_action = start

Started by humnab, Today at 07:57:39 AM

Hello,

in the OPNsense GUI we have:

Start, Clear, Trap for DPD Action, Start sets:

/usr/local/etc/swanctl/swanctl.conf

dpd_action = start

But this is not a valid option for dpd_action, if the documentation is correct:

https://docs.strongswan.org/docs/latest/swanctl/swanctlConf.html

Action to perform for this CHILD_SA on DPD timeout. The default clear closes the CHILD_SA and does not take further action. trap installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand (note that this is redundant if start_action includes trap). restart immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA.


So it should be changed to restart?
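
An added example, not part of the original post and not OPNsense or strongSwan code: a small check that walks a swanctl.conf-style file and reports every dpd_action whose value is not one of the three the quoted documentation lists (clear, trap, restart). The sample config and its connection and child names are constructed, and the parser assumes one statement per line; it tests only against the documented values, not against what the daemon's parser accepts.

```python
import re

# Values the quoted strongSwan documentation lists for dpd_action.
DOCUMENTED_DPD_ACTIONS = {"clear", "trap", "restart"}

# Constructed sample in swanctl.conf syntax; section names are hypothetical.
SAMPLE_CONF = """
connections {
    site-a {
        dpd_delay = 10s
        children {
            net-a {
                dpd_action = start    # value reported in the post
            }
            net-b {
                dpd_action = restart
            }
            net-c {
                start_action = trap   # dpd_action unset: documented default is clear
            }
        }
    }
}
"""

def audit_dpd_action(conf_text):
    """Return (section_path, value, line_no) for each undocumented dpd_action value."""
    findings, path = [], []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()          # drop trailing comments
        if not line:
            continue
        opened = re.fullmatch(r"([^\s{}=]+)\s*\{", line)
        if opened:
            path.append(opened.group(1))             # entering a named section
        elif line == "}" and path:
            path.pop()                               # leaving the current section
        else:
            m = re.fullmatch(r'dpd_action\s*=\s*"?([^"\s]*)"?', line)
            if m and m.group(1) not in DOCUMENTED_DPD_ACTIONS:
                findings.append((".".join(path), m.group(1), line_no))
    return findings

if __name__ == "__main__":
    for path, value, line_no in audit_dpd_action(SAMPLE_CONF):
        print(f"line {line_no}: {path}.dpd_action = {value} (documented: {sorted(DOCUMENTED_DPD_ACTIONS)})")
```

To check a generated file, pass the text of /usr/local/etc/swanctl/swanctl.conf to audit_dpd_action() instead of the sample.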