Hello,
I've configurated strongswan with sqlite database beetween one gateway
(sphynx) and several others (amon1, amon2, ... up to six hundred).
Connections are beetween sphynx subnets and amon subnets (sometimes
beetween amon subnets).
Text file join to this mail shows my network infrastructure.
On sphynx, start_action and dpd_action are set to 0.
On amon, start_action and dpd_action are set to 2.
1) When sqlite database is modified, how apply the updates without
restarting ipsec ?
ipsec update command doesn't work in my configuration.
Is there an other way to do that or some fields should be set to
specific values ?
2) How Dead Peer Dectection works ?
When ipsec is restarted on sphynx, connections stay down on amon-- gateways.
Is there special values to set in database ?
Thanks
Fabrice
eth1__amon1-net1
|
_eth0__amon1__|eth2__amon1-net2
sphynx-net1____ | |
| | |eth3__amon1-net3
|__ROUTER__eth1__sphynx__eth0__|
| |
sphynx-net2____| | eth1__amon2-net1
| |
|_eth0__amon2__|eth2__amon2-net2
| |
| |eth3__amon2-net3
|
|
|_eth0__amon3......
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
