[Swan] adding ipsec clients requiring reboot

Paul paul at nohats.ca
Thu Dec 11 17:27:33 EET 2014


Ohh, you are right! Add that command as well

Sent from my iPhone

> On Dec 11, 2014, at 08:35, Nick Howitt <nick at howitts.co.uk> wrote:
> 
> Unless it has changed recently, "ipsec auto --add ..." does not reread the secrets file, so you'll probably also have to do an "ipsec secrets". I'd do it before the "ipsec auto ..." to get the secrets into place before the conn is added.
> 
> Nick
> 
>> On 2014-12-11 13:28, Ted Toth wrote:
>> This is actually an openswan RHEL6 question but hopefully the answer
>> will also apply to libreswan. We have a script to add an ipsec client
>> to our server which creates ${REMOTE_HOSTNAME}.conf (conn
>> ${REMOTE_HOSTNAME}) and ${REMOTE_HOSTNAME}.secrets in /etc/ipsec.d and
>> then does:
>> ipsec auto --add ${REMOTE_HOSTNAME}
>> ipsec auto --asynchronous --up ${REMOTE_HOSTNAME}
>> On the client we do the mirror using the server hostname. However the
>> connection doesn't work unless we reboot both ends. What are the steps
>> and their order required to add a client without having to reboot?
>> Ted
>> _______________________________________________
>> Swan mailing list
>> Swan at lists.libreswan.org
>> https://lists.libreswan.org/mailman/listinfo/swan
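
The sequence discussed in this thread, as an added example that is not part of the original messages or of openswan/libreswan: secrets are reread before the conn is added, and the secrets file is installed readable by its owner only. The helper name `add_ipsec_client` and the `IPSEC_CMD` / `IPSEC_DIR` overrides are assumptions made here so the order can be dry-run; the conn and secrets contents are expected to be generated elsewhere.

```shell
#!/bin/sh
# Added example: add one IPsec peer without a reboot, in the order given in the thread.
# IPSEC_CMD and IPSEC_DIR are overridable assumptions so the sequence can be dry-run.
IPSEC_CMD=${IPSEC_CMD:-ipsec}
IPSEC_DIR=${IPSEC_DIR:-/etc/ipsec.d}

# add_ipsec_client NAME CONF_SRC SECRETS_SRC  (hypothetical helper)
add_ipsec_client() {
    name=$1 conf_src=$2 secrets_src=$3

    # The name becomes a file name and a conn name: allow hostname characters only.
    case $name in
        ''|-*|.*|*[!A-Za-z0-9._-]*)
            echo "invalid connection name: $name" >&2
            return 2 ;;
    esac
    [ -r "$conf_src" ] && [ -r "$secrets_src" ] || {
        echo "missing conf or secrets source file" >&2
        return 2
    }

    # Secrets file is readable by its owner only.
    install -m 0600 "$secrets_src" "$IPSEC_DIR/$name.secrets" || return 1
    install -m 0644 "$conf_src" "$IPSEC_DIR/$name.conf" || return 1

    # 1. Reread secrets first so the key is in place before the conn is added.
    "$IPSEC_CMD" secrets || return 1
    # 2. Load the conn definition.
    "$IPSEC_CMD" auto --add "$name" || return 1
    # 3. Bring the connection up without blocking the script.
    "$IPSEC_CMD" auto --asynchronous --up "$name"
}

# Run directly as: script NAME CONF_SRC SECRETS_SRC
if [ "$#" -eq 3 ]; then
    add_ipsec_client "$@"
fi
```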

