I have a problem with my racoon roadwarrior setup.
VPN-Server is Suse-9.1 with Suse-Kernel 2.6.5-7.95-default and
Client is SSH-Sentinel 1.4, configured to use a fixed virtual IP Address.
The first Connection works fine and racoon happily generates SAs and an
apropriate SPD (with a lifetime identical to the IKE lifetime as it seems).
When the Client disconnects. Racoon seems to realize this and deletes at
least its ISAKMP-SA (but not the SPD and SA).
Problem starts, when the client tries to reconnect (with a different IP
(modem user)). Racoon negotiates with the client but it does NOT generate a
new SPD. Instead it uses the old one, as it seems 'suitable'. But the old
SPD has a wrong remote tunnel endpoint (the old one from the first
The Connection is unusable until the broken SPD expires and racoon can
generate a new one (with a correct tunnel endpoint).
Is there any way to get racoon to delete SPDs when the corresponding client
I will send my configuration on request.