On Thu, 11 Dec 2014, Ted Toth wrote:
> This is actually an openswan RHEL6 question but hopefully the answer
> will also apply to libreswan.

It should. But also note that libreswan is available in EPEL6 as well,
although not supported by Red Hat for RHEL6 at this moment.

> We have a script to add an ipsec client
> to our server which creates ${REMOTE_HOSTNAME}.conf (conn
> ${REMOTE_HOSTNAME}) and ${REMOTE_HOSTNAME}.secrets in /etc/ipsec.d and
> then does:
>
> ipsec auto --add ${REMOTE_HOSTNAME}
> ipsec auto --asynchronous --up ${REMOTE_HOSTNAME}
>
> On the client we do the mirror using the server hostname. However the
> connection doesn't work unless we reboot both ends. What are the steps
> and their order required to add a client without having to reboot?

If you change the *.conf and *.secrets files and manually run:

    ipsec auto --add

on both sides and then run:

    ipsec auto --up

on one side it should work. If you also added an IP address to the
machine that is used in such a new config, before --up you should
run: ipsec whack --listen

If that is not working for you, it is a bug (and possibly we need
more info to try and actually reproduce it).

Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
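
The order of steps given in the reply above, written as a shell function. This is an added example, not code from the thread or from the openswan/libreswan projects; the names `add_conn`, `IPSEC_D` and `IPSEC_CMD`, the option names, and the name and permission checks are assumptions of this example.

```sh
#!/bin/sh
# Added example. add_conn, IPSEC_D and IPSEC_CMD are names assumed here.
IPSEC_D="${IPSEC_D:-/etc/ipsec.d}"
IPSEC_CMD="${IPSEC_CMD:-ipsec}"    # IPSEC_CMD="echo ipsec" gives a dry run

# usage: add_conn NAME [--new-ip] [--initiate]
#   run on both ends; pass --initiate on one end only
add_conn() {
    name="$1"; new_ip=0; initiate=0
    [ "$#" -gt 0 ] && shift
    for opt in "$@"; do
        case "$opt" in
            --new-ip)   new_ip=1 ;;
            --initiate) initiate=1 ;;
            *) echo "unknown option: $opt" >&2; return 2 ;;
        esac
    done
    # NAME becomes a file name and a command argument: hostname characters
    # only, and no leading dash that could be parsed as an option.
    case "$name" in
        ""|-*|*[!A-Za-z0-9._-]*) echo "bad conn name: $name" >&2; return 2 ;;
    esac
    conf="$IPSEC_D/$name.conf"
    secrets="$IPSEC_D/$name.secrets"
    if [ ! -f "$conf" ] || [ ! -f "$secrets" ]; then
        echo "missing $conf or $secrets" >&2; return 3
    fi
    # Added check (not from the thread): refuse a secrets file that group
    # or others can access. Columns 5-10 of ls -l are those mode bits.
    perms=$(ls -ld "$secrets" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "$secrets is accessible to group/other; chmod 600 it" >&2; return 4
    fi
    # 1. load the new conn into the running daemon
    $IPSEC_CMD auto --add "$name" || return
    # 2. only if an address used by this conn was added to the machine
    if [ "$new_ip" -eq 1 ]; then
        $IPSEC_CMD whack --listen || return
    fi
    # 3. bring the conn up, from one side only
    if [ "$initiate" -eq 1 ]; then
        $IPSEC_CMD auto --up "$name" || return
    fi
    return 0
}
```

Setting `IPSEC_CMD="echo ipsec"` prints the commands that would run without touching the daemon.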