[strongSwan] Pause between ipsec stop and ipsec start
Paul Theodoropoulos
paul at anastrophe.com
Mon Aug 19 18:51:01 CEST 2013
I used to run into this when I was setting up my first strongswan
connection (to a Cisco router). I believe the issue was occurring
because I had my side set up with 'auto=start' or 'auto=route'. It would
conflict with the other side's establishment phase when I was forcing
the routing before the ESP tunnel could be established. Using just
'auto=add' would let sessions negotiate fully, then bring up the routes.
I could be wrong, I'm by no means an expert on all this. I'm also
running on the 5.x branch, rather than 4 like you.
On 8/15/13 1:41 AM, Aleksandar Petreski wrote:
> Hi,
>
> I have a really strange fix to the issues i'm facing.
>
> Sometimes ipsec reload (or ipsec update) brings down all current
> connections. If i just do a simple ipsec stop and ipsec start does not
> help. If i use some minutes between stop and start everything (always)
> is back to normal.
>
> Does anyone have an explanation why this is happening?
>
> Setup: site-to-site (ikev1), several tunnels with same endpoints, same
> configuration.
> OS: CentOS 5.7 64bit
> Strongswan: Linux strongSwan U4.5.2
>
> Thanks,
>
> --
> Aleksandar Petreski
>
> RHCE #805008289536145
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
--
Paul Theodoropoulos
www.anastrophe.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130819/510b780e/attachment.html>
More information about the Users
mailing list