<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Hi,<br>
In _updown file <br>
in case of up-client:) added a script line to achieve it <br>
/bin/sh /usr/local/scripts/vpnmgt/utility/temp.sh $CONNNAME
$PLUTO_PEER > /dev/null 2>&1 &<br>
when connection is initiated from peer it works fine but when it is
initiated from local end, it establishes connection but control gets
stuck<br>
<blockquote>[root@manage /root]# ipsec auto --up test<br>
104 "test_failover_1-1" #3: STATE_MAIN_I1: initiate<br>
003 "test_failover_1-1" #3: received Vendor ID payload [Openswan (this
version) 2.4.5 X.509-1.5.4 LDAP_V3 PLUTO_SENDS_VENDORID
PLUTO_USES_KEYRR]<br>
003 "test_failover_1-1" #3: received Vendor ID payload [Dead Peer
Detection]<br>
003 "test_failover_1-1" #3: received Vendor ID payload [RFC 3947]
method set to=110 <br>
106 "test_failover_1-1" #3: STATE_MAIN_I2: sent MI2, expecting MR2<br>
003 "test_failover_1-1" #3: NAT-Traversal: Result using 3: no NAT
detected<br>
108 "test_failover_1-1" #3: STATE_MAIN_I3: sent MI3, expecting MR3<br>
004 "test_failover_1-1" #3: STATE_MAIN_I4: ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5
group=modp1024}<br>
117 "test_failover_1-1" #4: STATE_QUICK_I1: initiate<br>
004 "test_failover_1-1" #4: STATE_QUICK_I2: sent QI2, IPsec SA
established {ESP=>0xfce2aec3 <0x77585756 xfrm=3DES_0-HMAC_MD5
NATD=none DPD=enabled}<br>
<br>
this means connection is established but after that control is not
available to me.<br>
</blockquote>
can we have control over it like if remote peer have initiated it
then do certain task and if it is initiated from local end it should
perform different task ?<br>
<br>
thanks for your help<br>
<br>
Thanks & Regards,<br>
Utkarsh Shah<br>
<br>
<br>
Paul Wouters wrote:
<blockquote
cite="midPine.LNX.4.63.0610161553030.11701@tla.xelerance.com"
type="cite">
<pre wrap="">On Mon, 16 Oct 2006, Utkarsh Shah wrote:
</pre>
<blockquote type="cite">
<pre wrap=""> <a class="moz-txt-link-rfc2396E" href="mailto:users-request@openswan.org">"users-request@openswan.org"</a> <a class="moz-txt-link-rfc2396E" href="mailto:users-request@openswan.org"><users-request@openswan.org></a>
</pre>
</blockquote>
<pre wrap=""><!---->
dont mail to that address pleaswe.
</pre>
<blockquote type="cite">
<pre wrap=""> I like to execute a script at time connection gets established in
background and like to stop it when connection is stopped.
I tried using _updown script but it gets stuck if any of its child
process is going on.
</pre>
</blockquote>
<pre wrap=""><!---->
you can't call a subshell?
You could always "touch" some file somewhere and have a daemon check for
the existence of the file?
Paul
</pre>
</blockquote>
<br>
</body>
</html>