[strongSwan] Automatic Tunnel Opening and Routing
Jacques Monin
jacques.monin01 at gmail.com
Tue Apr 28 11:19:43 CEST 2015
Hello,
I'm trying to configurate strongswan in order to have automatic tunnel
opening and routing.
The tunnel opens well on traffic detection, the routes are created and all
works well. But if a network wire is unpluged, the routing is erased and I
have to restart strongswan.
Is there any way to avoid this ?
Is this possible to have the routing and the virtual addresse adding done
while the opening of the tunnel ?
By using leftupdown="ipsec _updown"
It seems that the only option to have automatic tunnel opening is to
specify auto=route in ipsec.conf (I was hoping auto=add had the same
behaviour).
So is there any way to have automatic tunnel opening without initial
routing ?
Here my configuration :
config setup
conn %default
dpddelay=30
keyingtries=5
rekeymargin=120
dpdtimeout=120
keyexchange=ikev1
keylife=1h
ikelifetime=6h
authby=rsasig
conn Visio
right=A.A.A.A
rightsubnet=172.16.1.0/24
rightid=%any
left=%defaultroute
leftsubnet=172.16.0.3/32
leftsourceip=172.16.0.3
leftcert=cert.pem
leftca=cacert.pem
leftsendcert=always
auto=route
type=tunnel
ike=aes256-sha2_256-modp1536
esp=aes256-sha2_256-modp1024
Thanks for you help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150428/8ea70f72/attachment.html>
More information about the Users
mailing list