Hi Peter
> So, am I correct to assume that you guys usually evaluate the output
> of `ipsec statusall`
Preferably I'd do that over vici [1], as it provides a much better
interface for various languages to query tunnel status or re-initiate
tunnels.
> Do you simply send pings to remote systems
Hi,
On Fri, Jun 09, 2017 at 09:11:27PM +0200, Noel Kuntze wrote:
> Besides DPD, there's no standard that charon implements for that. I am
> also not aware of any that uses CHILD_SAs.
alright, too bad. :-/
So, am I correct to assume that you guys usually evaluate the output of
`ipsec statusall`
Hello Peter,
On 09.06.2017 11:46, Peter Hofmann wrote:
> Hi,
>
> we're running various Ubuntu systems with StrongSwan 5.1 or 5.3. Each
> system connects to exactly one IPSec/IKE peer. We usually don't know
> what kind of peer that is -- is it also running StrongSwan, is it a
> hardware firewall,