Re: [strongSwan] ipsec reload fails to kill obsolete connections?
Yves, > When we generate a new version of these files we issue an ipsec reload > (not just update). I'd expect that to kill connections that are not > relevant anymore, but this is not the case ipsec statusall shows them > still as defined and up and running. "ipsec reload" by design does not affect running connections, it reloads the configuration only. You'll have to manually "ipsec down" any connection instance for affected configurations. Please refer to the discussion at [1] for more information. Regards Martin [1]http://dev.strongswan.narkive.com/sa7nwo4I/strongswan-dev-patch-starter-cleanup-sas-when-deleting-a-connection ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
[strongSwan] ipsec reload fails to kill obsolete connections?
Hi all, I have /etc/ipsec.conf and /etc/ipsec.secrets files that are generated. Connections and credentials appear and disappear in these files. When we generate a new version of these files we issue an ipsec reload (not just update). I'd expect that to kill connections that are not relevant anymore, but this is not the case ipsec statusall shows them still as defined and up and running. Environment is linux 3.2 (embedded distro, ELinOS, glibc), strongswan 5.2.2. What am I doing wrong? TIA, Yves ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users