On Tue, 14 May 2019, Madhan Raj wrote:
2. I have configured an Ipsec policy on one of my server pointing to other server. but i didn't configure the policies on other side to point this server. will network ping be successful?
If you use auto=add, then yes because libreswan would not initiate IPsec. If you use auto=ondemand or auto=start, then no because libreswan will block leaking packets until the IPsec connection is up.
3. Will the network between two servers will be intact if the ipsec policies are down ? .i just wanna know if the ping command will work at least between two servers ?.
No, unless you set failureshunt=passthrough, but I would not recommend that. Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
