[strongSwan] Interface address change not acted upon
Martin Willi
martin at strongswan.org
Mon Aug 23 09:44:56 CEST 2010
Hi Jan,
> Assume a client where charon is configured with a simple tunnel
> using left=%defaultroute right=vpnserver. On this client also runs a
> DHCP client (dhcpcd).
%defaultroute is resolved by ipsec starter and not automatically
updated. I'd suggest to use left=%any, charon will resolve a source
address dynamically in this case.
> charon seems to continue to use the old address, despite having noticed
> that the old address is gone from the interface.
A log file would help to diagnose the problem. Is the tunnel running
over a ppp interface?
> Is there a configuration option that I need to add so it will
> reestablish the tunnel using the new address?
MOBIKE is enabled by default, no special configuration is required.
Regards
Martin
More information about the Users
mailing list