[strongSwan-dev] manual manipulation the IPsec SA/SP database
andreas.steffen at strongswan.org
Tue May 29 17:08:54 CEST 2012
with strongSwan you are not supposed to manipulate the SAD/SPD
with an external command line tool as "setkey" or
"ip xfrm state/policy add" because the IKEv1/IKEv2 daemons will
not become aware of any external SAD/SPD changes. All changes
must be communicated through the strongSwan daemon interfaces.
On 29.05.2012 16:23, krishna chaitanya wrote:
> HI Team,
> I am new to strongswan. We are working on an implementation of IPsec.
> I earlier worked with racoon where I used setkey for SAD/SPD manipulation.
> In strongswan I had configured the SA's using IPsec.conf file, but is
> there a tool where we could manipulate SAD/SPD using shell.
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4489 bytes
Desc: S/MIME Cryptographic Signature
More information about the Dev