[strongSwan] Two connections to the same endpoint

Diego Woitasen diego at woitasen.com.ar
Sat Sep 22 05:14:15 CEST 2012


Hi,
 I have set up strongSwan with two WAN connections between the peers.
Only one is "up" at a time. There is a control script that watches the
WAN connectivity and brings the connections up/down. For some reason,
sometimes, the passive connection goes UP. I'm not sure why; someone
on IRC told me that the problem is the rekey that could start the
connection because I have two of them with the same traffic selectors.
I'm sure that the problem is not in my control script because the
problem appears when I'm not running it too.

 The right solution would be to enable/disable the connection, but
strongSwan doesn't support this and doing it with includes, symlinks
and "ipsec reload" gave me some headaches.

 I was thinking about changing the leftsubnet (central site) from
10.0.0.0/8 to 10.128.0.0/9 in the backup connection. That will match
my subnets and will make the traffic selector different to avoid
problems. But I'm not sure, because the second one is included in the
first one and maybe the problem is the same.

 Will that work?

Regards,
  Diego

-- 
Diego Woitasen
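
The relationship between the two selectors discussed above (10.128.0.0/9 lies inside 10.0.0.0/8) can be checked mechanically across every conn in a configuration. The following is an added example, not part of the original message or of strongSwan; the conn names and the rightsubnet value are constructed, and it assumes one CIDR per leftsubnet/rightsubnet.

```python
import ipaddress
from itertools import combinations

# Constructed ipsec.conf fragment: conn names and rightsubnet are assumptions;
# the two leftsubnet values are the ones discussed in the message.
SAMPLE_CONF = """
conn wan-primary
    leftsubnet=10.0.0.0/8
    rightsubnet=192.168.50.0/24
conn wan-backup
    leftsubnet=10.128.0.0/9
    rightsubnet=192.168.50.0/24
"""

def parse_conns(text):
    """Return {conn_name: {key: value}} from ipsec.conf-style text."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("conn "):
            current = conns.setdefault(line.split(None, 1)[1], {})
        elif line.startswith(("config ", "ca ")):
            current = None  # leave conn context for other section types
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return conns

def relation(a, b):
    """Classify two CIDR networks as identical, contained or disjoint."""
    a, b = ipaddress.ip_network(a), ipaddress.ip_network(b)
    if a.version != b.version:
        return "disjoint"
    if a == b:
        return "identical"
    # CIDR blocks never partially overlap: they are nested or disjoint.
    return "contained" if a.subnet_of(b) or b.subnet_of(a) else "disjoint"

def selector_conflicts(text):
    """List conn pairs whose left AND right selectors both intersect."""
    hits = []
    for (n1, c1), (n2, c2) in combinations(parse_conns(text).items(), 2):
        try:
            left = relation(c1["leftsubnet"], c2["leftsubnet"])
            right = relation(c1["rightsubnet"], c2["rightsubnet"])
        except KeyError:
            continue  # a conn without explicit subnets is not compared
        if "disjoint" not in (left, right):
            hits.append((n1, n2, left, right))
    return hits
```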



