Hi,
Are ipsec update and sending HUP to charon the same actions?
No, they are not. `ipsec update` sends a SIGHUP to starter, but starter
does currently not forward the signal to charon. So as you noticed, the
latter has to be done manually.
Regards,
Tobias
Hi guys!
Are ipsec update and sending HUP to charon the same actions?
I'm now setting up logging into filelog on strongswan 5.2.1 and noticed
that ipsec update won't rotate file and update logging config and
sending HUP via pkill effectively does.
Have I missed something?
Thanks in
On 2015-03-18 13:21, Tobias Brunner wrote:
Hi,
Are ipsec update and sending HUP to charon the same actions?
No, they are not. `ipsec update` sends a SIGHUP to starter, but
starter
does currently not forward the signal to charon. So as you noticed,
the
latter has to be done manually.
But still ipsec update does reread contents of ipsec.conf, am I right?
Yes, this will cause starter to reread ipsec.conf.
And does sending HUP to charon forces it to reread ipsec.conf or just
the strongswan.conf?
The charon daemon only reads strongswan.conf, and ipsec.conf is only
read by
On 03/18/2015 9:37 AM, Tobias Brunner wrote:
But still ipsec update does reread contents of ipsec.conf, am I right?
Yes, this will cause starter to reread ipsec.conf.
And does sending HUP to charon forces it to reread ipsec.conf or just
the strongswan.conf?
The charon daemon only reads
Yves,
When we generate a new version of these files we issue an ipsec reload
(not just update). I'd expect that to kill connections that are not
relevant anymore, but this is not the case ipsec statusall shows them
still as defined and up and running.
ipsec reload by design does not affect
Hi all,
I have /etc/ipsec.conf and /etc/ipsec.secrets files that are generated.
Connections and credentials appear and disappear in these files.
When we generate a new version of these files we issue an ipsec reload (not
just update).
I'd expect that to kill connections that are not relevant
Hi
Ipsec connectivity between monowall (racoon) and strongswan gets lost several times a day. I have no idea what goes wrong. To fix it I need to restart ipsec on monowall. Below you see some details
from monowall log and server log. How can I solve this problem?
Monowall
I have an Amazon VPC/EC2 instance running strongSwan for my Android client to
connect to and have its internet requests sent out the VPC instance and back.
The strongSwan server itself is running fine but I cannot figure out how to
route the rightsourceip subnet back to the instance, and the