[strongSwan] how to use the ipsec unroute <conn_name> command
Mao, Zhiheng
zmao at qti.qualcomm.com
Fri Apr 19 07:26:13 CEST 2013
Hi,
I am trying to delete the securities and the route associated with a connection and I am following the instructions on [1] for the ipsec unroute <conn_name> command. But I am always getting the configuration <conn_name> not found error. However, with the same connection name, I can do ipsec down <conn_name> with no problem. Could you please let me how to do it properly? Will this command also delete the route in the ip route list table 220?
Here is the log:
[zmao at octo-dev-iwf-1 sbin]$ sudo /usr/local/sbin/ipsec unroute zmao_swan_conn_v4
configuration 'zmao_swan_conn_v4' not found
Apr 18 19:11:53 octo-dev-iwf-1 charon: 05[CFG] received stroke: unroute 'zmao_swan_conn_v4'
[zmao at octo-dev-iwf-1 sbin]$ sudo /usr/local/sbin/ipsec down zmao_swan_conn_v4
deleting IKE_SA zmao_swan_conn_v4[4] between 10.42.112.132[vzwims.com]...10.41.73.234[testIWF]
sending DELETE for IKE_SA zmao_swan_conn_v4[4]
generating INFORMATIONAL request 4 [ D ]
sending packet: from 10.42.112.132[4500] to 10.41.73.234[4500]
received packet: from 10.41.73.234[4500] to 10.42.112.132[4500]
parsed INFORMATIONAL response 4 [ ]
IKE_SA deleted
Btw, my version is strongSwan 5.0.1, Linux 2.6.18-238.el5, x86_64
Thank you very much!
Zhiheng Mao
[1]: http://wiki.strongswan.org/projects/strongswan/wiki/IpsecCommand
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130419/426cece3/attachment.html>
More information about the Users
mailing list