[strongSwan] updown script on reauthentication

Jan Palus jan.palus at gmail.com
Thu Feb 11 21:58:05 CET 2016


as mentioned in a different thread I'm using updown script to customize
routing/policy/snat. Connection is established over wan interface with
dynamic IP and once ipsec tunnel is established remote peer provides
virtual IP. If for any reason wan interface reconnects changing it's
public IP, strongswan handles it perfectly by detecting different IP and
performing reauthentication. However it appears updown script is not
called with either down-client nor with up-client verb, meaning I'm
being left with routing/policy/snat for "old" connection. Is there any
reason why updown is not called then? I'm using strongswan 5.3.3 with


More information about the Users mailing list