Index: b/tunip.c
===================================================================
--- a/tunip.c
+++ b/tunip.c
@@ -882,10 +882,13 @@ static void vpnc_main_loop(struct sa_blo
 				time(NULL) - s->ipsec.life.start,
 				s->ipsec.life.seconds,
 				s->ipsec.life.rx/1024,
 				s->ipsec.life.tx/1024,
 				s->ipsec.life.kbytes));
+			if (s->ipsec.life.seconds &&
+			    (time(NULL) - s->ipsec.life.start + 1 >= s->ipsec.life.seconds))
+				do_kill = -3;
 		} while ((presult == 0 || (presult == -1 && errno == EINTR)) && !do_kill);
 		if (presult == -1) {
 			logmsg(LOG_ERR, "select: %m");
 			continue;
 		}
@@ -943,10 +946,13 @@ static void vpnc_main_loop(struct sa_blo
 		}
 
 	}
 
 	switch (do_kill) {
+		case -3:
+			logmsg(LOG_NOTICE, "connection terminated by timeout -> restart");
+			break;
 		case -2:
 			logmsg(LOG_NOTICE, "connection terminated by dead peer detection");
 			break;
 		case -1:
 			logmsg(LOG_NOTICE, "connection terminated by peer");
Index: b/vpnc.c
===================================================================
--- a/vpnc.c
+++ b/vpnc.c
@@ -3777,24 +3777,25 @@ int main(int argc, char **argv)
 #endif
 	gcry_check_version("1.1.90");
 	gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0);
 	group_init();
 
-	memset(s, 0, sizeof(*s));
-	s->ipsec.encap_mode = IPSEC_ENCAP_TUNNEL;
-	s->ike.timeout = 1000; /* 1 second */
-
 	do_config(argc, argv);
 
 	if (opt_vendor == VENDOR_NORTEL)
 		group_id = tolowercase(config[CONFIG_IPSEC_ID]);
 	else
 		group_id = config[CONFIG_IPSEC_ID];
 
 	DEBUG(1, printf("\nvpnc version " VERSION "\n"));
 	hex_dump("hex_test", hex_test, sizeof(hex_test), NULL);
 
+    do {
+	memset(s, 0, sizeof(*s));
+	s->ipsec.encap_mode = IPSEC_ENCAP_TUNNEL;
+	s->ike.timeout = 1000; /* 1 second */
+
 	DEBUGTOP(2, printf("S1 init_sockaddr\n"));
 	init_sockaddr(&s->dst, config[CONFIG_IPSEC_GATEWAY]);
 	init_sockaddr(&s->opt_src_ip, config[CONFIG_LOCAL_ADDR]);
 	DEBUGTOP(2, printf("S2 make_socket\n"));
 	s->ike.src_port = atoi(config[CONFIG_LOCAL_PORT]);
@@ -3845,10 +3846,11 @@ int main(int argc, char **argv)
 	close_tunnel(s);
 
 	/* Free resources */
 	DEBUGTOP(2, printf("S9 cleanup\n"));
 	cleanup(s);
+    } while (do_kill == -3);
 	if (opt_vendor == VENDOR_NORTEL)
 		free((void *)group_id);
 
 	return 0;
 }