[strongSwan] Connection name issue

Dragomir Ivanov drago.ivanov at gmail.com
Thu Jan 10 11:16:19 CET 2013


Hello,
I have the following output from ipsec --statusall for active connections.

000
000 "L2TP":
212.25.51.133[212.25.51.133]:17/1701---212.25.51.1...%virtual[%any]:17/%any===?;
unrouted; eroute owner: #0
000 "L2TP":   ike_life: 3600s; ipsec_life: 1200s; rekey_margin: 180s;
rekey_fuzz: 100%; keyingtries: 0
000 "L2TP":   dpd_action: clear; dpd_delay: 10s; dpd_timeout: 60s;
000 "L2TP":   policy: PSK+ENCRYPT+COMPRESS; prio: 32,32; interface: eth1;
000 "L2TP":   newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "L2TP"[2]: 212.25.51.133:4500
[212.25.51.133]:17/1701---212.25.51.1...213.226.63.184:52616[10.183.187.175]:17/0;
prospective erouted; eroute owner: #0
000 "L2TP"[2]:   ike_life: 3600s; ipsec_life: 1200s; rekey_margin: 180s;
rekey_fuzz: 100%; keyingtries: 0
000 "L2TP"[2]:   dpd_action: clear; dpd_delay: 10s; dpd_timeout: 60s;
000 "L2TP"[2]:   policy: PSK+ENCRYPT+COMPRESS; prio: 32,32; interface:
eth1;
000 "L2TP"[2]:   newest ISAKMP SA: #0; newest IPsec SA: #0;
000

But when I do:
user at vpn-server:/etc/ppp# ipsec down "L2TP"[2]
021 no connection named "L2TP[2]"

ipsec down L2TP - tears down all L2TP CLIENT_SAs which is not my intention.
Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130110/6e02a5f6/attachment.html>


More information about the Users mailing list