[strongSwan] how to use the ipsec unroute <conn_name> command

Mao, Zhiheng zmao at qti.qualcomm.com
Fri Apr 19 07:26:13 CEST 2013


I am trying to delete the securities and the route associated with a connection and I am following the instructions on [1] for the ipsec unroute <conn_name> command. But I am always getting the configuration <conn_name> not found error. However, with the same connection name, I can do ipsec down <conn_name> with no problem. Could you please let me how to do it properly? Will this command also delete the route in the ip route list table 220?

Here is the log:
[zmao at octo-dev-iwf-1 sbin]$ sudo /usr/local/sbin/ipsec unroute zmao_swan_conn_v4
configuration 'zmao_swan_conn_v4' not found
Apr 18 19:11:53 octo-dev-iwf-1 charon: 05[CFG] received stroke: unroute 'zmao_swan_conn_v4'

[zmao at octo-dev-iwf-1 sbin]$ sudo /usr/local/sbin/ipsec down zmao_swan_conn_v4
deleting IKE_SA zmao_swan_conn_v4[4] between[vzwims.com]...[testIWF]
sending DELETE for IKE_SA zmao_swan_conn_v4[4]
generating INFORMATIONAL request 4 [ D ]
sending packet: from[4500] to[4500]
received packet: from[4500] to[4500]
parsed INFORMATIONAL response 4 [ ]
IKE_SA deleted

Btw, my version is strongSwan 5.0.1, Linux 2.6.18-238.el5, x86_64

Thank you very much!

Zhiheng Mao

[1]: http://wiki.strongswan.org/projects/strongswan/wiki/IpsecCommand

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130419/426cece3/attachment.html>

More information about the Users mailing list