Unless it has changed recently, "ipsec auto --add ..." does not reread the secrets file, so you'll probably also have to do an "ipsec secrets". I'd do it before the "ipsec auto ..." to get the secrets into place before the conn is added.

Nick

On 2014-12-11 13:28, Ted Toth wrote:
This is actually an openswan RHEL6 question but hopefully the answer
will also apply to libreswan. We have a script to add an ipsec client
to our server which creates ${REMOTE_HOSTNAME}.conf (conn
${REMOTE_HOSTNAME}) and ${REMOTE_HOSTNAME}.secrets in /etc/ipsec.d and
then does:
ipsec auto --add ${REMOTE_HOSTNAME}
ipsec auto --asynchronous --up ${REMOTE_HOSTNAME}

On the client we do the mirror using the server hostname. However the
connection doesn't work unless we reboot both ends. What are the steps
and their order required to add a client without having to reboot?

Ted
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan