On Thu, Apr 12 2007 at 19:14, Martin Hedenfalk wrote: > Hello misc, Hello,
> I'm trying to delete individual tunnels with ipsecctl: > This is on the 4.1 snapshots from April 6. [...] > Then I try to delete the SAs: > # ipsecctl -ss > esp tunnel from 192.168.5.5 to 192.168.5.12 spi 0x17661dae auth hmac- > sha2-256 enc aes > esp tunnel from 192.168.5.12 to 192.168.5.5 spi 0x268063a2 auth hmac- > sha2-256 enc aes > # ipsecctl -ss | ipsecctl -d -f- > stdin: 1: no authentication key specified > stdin: 2: no authentication key specified > ipsecctl: Syntax error in config file: ipsec rules not loaded > What authentication key is needed? How can I remove a specific SA? Starting from 4.1, ipsecctl no longer show the SA keys with 'ipsecctl -s sa'. To show them, there is a new -k flag. > I should add that this is on a passive IPsec aggregator with many > dynamic tunnels from "road warrior" type peers. I didn't try roadw arriors yet. What client software do you use ? Claer