[strongSwan] ipsec update restarting affected tunnels

Stig Thormodsrud stig at ubnt.com
Thu Jul 21 03:59:25 CEST 2016


On Wed, Jul 20, 2016 at 6:13 AM, Tobias Brunner <tobias at strongswan.org>
wrote:
>
> Hi Stig,
>
> > I've recently upgraded our strongswan from 4.5.2 to 5.2.2 and one of the
> > differences I noticed is with the older version I could regenerate
> > /etc/ipsec.conf and then do "ipsec rereadall" followed by "ipsec update"
> > and any tunnels that were affected would restart.
>
> Really?  I don't think that ever was the case (at least not for IKEv2).

Previously we were mainly using ikev1 so maybe it's a pluto vs charon
thing?  Now that we are using charon I guess I have to re-work the way I
handle changes (or get out the big hammer and "ipsec restart" ;-).

Thanks for the quick answer.

stig
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160720/46d9874e/attachment.html>


More information about the Users mailing list