Hi! I am wondering how causes lots of traffic through an ipsec tunnel. Only our mail server fetches mails every 10 minutes and that's it. So only every 10 minutes is expected to be traffic there. Nonetheless, tcpdump registered lots of traffic during the whole night. First, I thought, there was an attack going through, but I couldn't find anything... Another possibility is that the two ipsec gateways do lots of keyexchanging. On the one gateway, the key related options are these: keyingtries=1 disablearrivalcheck=no pfs=yes keyexchange=ike keylife=1h The other gateway is configured as roadwarrior because of dynamic ip addresses (dialup connection). Keying related options are these: keyingtries=0 disablearrivalcheck=no pfs=yes keyexchange=ike keylife=1h I can't figure out what the disablearrivealcheck=no option really means as all the documentation links of the freeswan homage (http://www.freeswan.org/) are broken. This option was already in the config file as a sort of "pre-defined default option". Can one of these options cause lots of traffic? Are there other possibilities? -- CU, Christoph