[strongSwan] charon and ipsec down name
Wolfgang Walter
wolfgang.walter at stwm.de
Thu Nov 11 20:15:30 CET 2010
Hello,
I use strongswan 4.4.1.
The manual says that
ipsec down <name>
will terminate connection <name>.
This is not really true with charon:
If there are serveral connections between two routers, then
ipsec down <name> does nothing if <name> uses the IKE SA of another connection
or kills all this and all other connections which also the IKE SA of <name>.
I think it would be better if charon behaved like that:
ipsec down <name>{*}
and for every IKE SA <name>[<n>] which has no other childs
ipsec down <name>[<n>]
Or the documentation is changed.
Regards
--
Wolfgang Walter
Studentenwerk München
Anstalt des öffentlichen Rechts
More information about the Users
mailing list