[strongSwan-dev] How do I properly cleanup all existing tunnel state?
rruel at akamai.com
Sat Jul 4 14:16:05 CEST 2015
I’m working on a custom plug-in which involves communicating tunnel state (SA’s and policies) to an external IPsec stack.
I’d like to implement a recovery mechanism such that if the external stack should restart, charon will simply flush all existing tunnel state.
I have tried the following:
And this seems to flush out all existing SA’s and policies, which is what I want. Unfortunately, after I issue this call, I can no longer establish new tunnels to strongSwan (it receives IKE messages, but doesn’t seem to generate any responses). I then need to restart the process.
Is there something else I need to flush in order to restore charon to a clean state? Or would just aborting the process and letting starter restart it be a better cleanup approach?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dev