[Swan] IPSec secure messages.

Paul Wouters paul at nohats.ca
Tue May 14 13:47:03 UTC 2019


On Tue, 14 May 2019, Madhan Raj wrote:

> 2. I have configured an IPsec policy on one of my servers pointing to the other server, but I didn't configure the
> policies on the other side to point to this server.
> Will network ping be successful?

If you use auto=add, then yes because libreswan would not initiate
IPsec.

If you use auto=ondemand or auto=start, then no because libreswan
will block leaking packets until the IPsec connection is up.

> 3. Will the network between the two servers be intact if the IPsec policies are down? I just wanna know if the ping
> command will work at least between the two servers?

No, unless you set failureshunt=passthrough, but I would not recommend
that.

Paul
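
An added example, not part of the reply above and not libreswan's own code: a small audit of an ipsec.conf that classifies each conn by the three behaviours the reply describes (auto=add, auto=ondemand or auto=start, and failureshunt=passthrough). The conn names, addresses and function names are constructed for illustration, and `conn %default` is assumed to apply to every conn in the file.

```python
import re

# Constructed sample ipsec.conf; conn names and addresses are made up.
SAMPLE_CONF = """\
conn %default
    failureshunt=none

conn loaded-only
    left=192.0.2.1
    right=192.0.2.2
    auto=add

conn enforced
    left=192.0.2.1
    right=192.0.2.3
    auto=start              # initiated at startup

conn fail-open
    left=192.0.2.1
    right=192.0.2.4
    auto=ondemand
    failureshunt=passthrough
"""

def parse_conns(text):
    """Return {conn name: options}, with conn %default merged into each."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()    # drop comments
        if not line:
            continue
        header = re.match(r"conn\s+(\S+)$", line)
        if header:
            current = conns.setdefault(header.group(1), {})
        elif line[0].isspace() and "=" in line:
            if current is not None:
                key, value = line.strip().split("=", 1)
                current[key.strip()] = value.strip()
        else:
            current = None                      # e.g. "config setup"
    defaults = conns.pop("%default", {})
    return {name: {**defaults, **opts} for name, opts in conns.items()}

def cleartext_behaviour(opts):
    """Classify a conn by what happens to traffic while no tunnel is up."""
    if opts.get("auto") not in ("ondemand", "start"):
        return "cleartext"      # auto=add (or unset): libreswan never initiates
    if opts.get("failureshunt") == "passthrough":
        return "fail-open"      # cleartext allowed once negotiation fails
    return "blocked"            # packets held back until the tunnel is up

def audit(text):
    return {name: cleartext_behaviour(o) for name, o in parse_conns(text).items()}
```

Any conn reported as "fail-open" or "cleartext" is one where a ping between the two servers can succeed without IPsec protection.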

