While upgrading to Core Update 162 (testing), I noticed IPFire won't reestablish IPsec N2N connections being in "active" mode by itself. Instead, manually starting them via the WUI or "ipsec up [connection]" was necessary. This is a bit of a nuisance, especially if an IPFire machine is upgraded remotely over an IPsec connection, where the administrator does not have access to the IPsec gateway he/she is located behind. This problem already appeared in Core Update 161, and seems to be related to a strongSwan update. It is not to be confused with #12725, as established N2N connections where the local IPFire machine is not set into "on demand" mode run stable. See also: - https://lists.ipfire.org/pipermail/development/2021-November/011539.html - https://community.ipfire.org/t/update-to-161-ipsec-wont-connect-anywhere-afterwards/6707/3
Investigating this closer during the recent Core Updates, I am unable to reproduce the behaviour. Therefore, closing this.