• Windows does send Notify/Delete, but Openswan ignores them. Bug?

• If Openswan ignores them (or windwos box crashes and wont send them), we can have two identical conns open on different IP's. Use uniqueids=no should mitigates this (kills older client connection)

• Use rekey=no (server kills idle clients, clients have to rekey actively)

• I am also not sure "ipsec -off" properly works on Windows. Intermittent issues.

Notes: