[strongSwan] Dynamic addition/deletion of tunnel configuration in StrongSwan
janisdz2 at gmail.com
Mon Mar 21 20:02:40 CET 2011
I want to create a vpn hub with dynamic config:
- When new tunnel config is added: add a "conn" entry and be ready to
establish a tunnel when initiated by peer.
- When tunnel config is deleted: delete connection config and break down
any tunnels established associated with the connection.
What are the options to add/delete tunnel configuration while strongswan is
I.e. without breaking existing tunnels while adding/deleting a tunnel
Openswan has "ipsec addconn" and "ipsec auto --delete" commands for this.
By looking at the strongswan docs I found "ipsec update" which I could use
but it does not look very efficient to recreate and reread the ipsec.conf on
each connection add/delete.
Maybe there is a more efficient way to do this so that there is no need to
parse the whole config again and look for changes (which are known in
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users