>> But now I have figured out what I have to change to bring up the tunnels >> after loading the config with ipsecctl. >> >> I have to disable sasyncd, which if enabled causes to start isakmpd with >> parameter S. If isakmpd starts without this parameter the tunnels come up >> and work smoothly. >> >> So the question. Is this a know behaviour, that isakmpd switches to passive >> if sasyncd is enabled? Or is this a bug? > > I have seen this before. In my experience, in the end the -S parameter > works, but it might take a while before isakmpd realises it is running > on the master. Never have figured out why it takes long some of the > time.
That would be good enough. But on my gateway the tunnel never comes up. Erwin
