[strongSwan] add connection at run-time
Andreas Muerdter
am at tbits.net
Fri Aug 6 16:52:02 CEST 2010
Hi Andreas,
"update" works, and delete a connection in reverse order.
A other Question, I try encrypt the esp traffic with tcpdump without success.
I get the encryption keys with "ip xfrm state", but I get no ecrypted traffic with tcpdump.
Is there any howto or documentation about the encryption of esp packets with tcpdump?
Regards
Andreas
Andreas Steffen schrieb am 06.08.2010 um 15:55 Uhr
> Hi Andreas,
the mechanism is different. Just add your connection to
> ipsec.conf
or edit an existing connection and then type
ipsec
> update
and any changes will be pushed to pluto and/or charon (the
> IKEv2
charon daemon currently has the restriction that changes do not
have an
> effect on connections that are currently
> up).
Regards
Andreas
On 08/06/2010
> 03:44 PM, Andreas Muerdter wrote:
> Hello
> @all,
>
> is it possible with strongswan 4.x, to add connections
> at run-time like
> "ipsec auto
> --add<connection-name>" in strongswan
> 2.8?
>
> Thanks
>
>
> Andreas
>
======================================================================
Andreas
> Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN
> Solution! www.strongswan.org
Institute for Internet Technologies and
> Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
> (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list