[Swan] adding ipsec clients requiring reboot

Nick Howitt nick at howitts.co.uk
Thu Dec 11 15:35:17 EET 2014


Unless it has changed recently "ipsec auto --add ..." does not reread 
the secrets file, so you'll probably also have to do an "ipsec secrets". 
I'd do it before the "ipsec auto ..." to get the secrets into place 
before the conn is added.

Nick

On 2014-12-11 13:28, Ted Toth wrote:
> This is actually an openswan RHEL6 question but hopefully the answer
> will also apply to libreswan. We have a script to add an ipsec client
> to our server which creates ${REMOTE_HOSTNAME}.conf (conn
> ${REMOTE_HOSTNAME}) and ${REMOTE_HOSTNAME}.secrets in /etc/ipsec.d and
> then does:
> ipsec auto --add ${REMOTE_HOSTNAME}
> ipsec auto --asynchronous --up ${REMOTE_HOSTNAME}
> 
> On the client we do the mirror using the server hostname. However the
> connection doesn't work unless we reboot both ends. What are the steps
> and their order required to add a client without having to reboot?
> 
> Ted

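The ordering suggested in the reply, as a shell function (an added example, not code from the thread or from the openswan/libreswan projects). The function name, the overridable `IPSEC` and `CONF_DIR` variables, the peer-name check and the `chmod` are assumptions of this example; it also assumes the `.conf` and `.secrets` files have already been written and are included from the main ipsec configuration.

```shell
#!/bin/sh
# Added example: add a peer without a reboot, loading secrets before the conn.
# IPSEC and CONF_DIR are overridable (assumption) so the flow can be dry-run.
IPSEC="${IPSEC:-ipsec}"
CONF_DIR="${CONF_DIR:-/etc/ipsec.d}"

# usage: add_ipsec_peer <remote-hostname>
add_ipsec_peer() {
    peer="$1"
    # The name becomes a file name and a conn name: hostname characters only,
    # no leading dot or dash (blocks path traversal and option injection).
    case "$peer" in
        ''|.*|-*|*[!A-Za-z0-9.-]*) echo "invalid peer name" >&2; return 2 ;;
    esac
    conf="$CONF_DIR/$peer.conf"
    secrets="$CONF_DIR/$peer.secrets"
    [ -r "$conf" ] || { echo "missing $conf" >&2; return 3; }
    [ -r "$secrets" ] || { echo "missing $secrets" >&2; return 3; }
    # The secrets file holds key material: owner read/write only.
    chmod 600 "$secrets" || return 4
    # 1. Reread secrets first, since "auto --add" does not do it.
    $IPSEC secrets || return 5
    # 2. Load the conn definition.
    $IPSEC auto --add "$peer" || return 6
    # 3. Start negotiation, as in the original script.
    $IPSEC auto --asynchronous --up "$peer" || return 7
}
```

Each step returns a distinct non-zero code, so a calling script can tell a rejected name or missing file from a failed `ipsec` command.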
